Cybercrime is on the rise, and business owners and leaders should take all measures necessary to prevent it, coupling these preventative measures with cyber insurance. All business owners should prepare a written policy that instructs employees on best practices when it comes to preventing a cyberattack. For example, no one should ever click on a link with blind trust that it will direct them to the appropriate website. Employees need to take a few extra seconds to make sure that a cybercriminal has not doctored the link in a spoofing attempt before clicking on it. Managers should also make it clear that employees should click off a website immediately if anything about its appearance makes them feel uncomfortable.
1. Take a Moment to Verify the Sender
When employees are not expecting an email from a vendor, customer, co-worker, or anyone else they interact with regularly, they should call to confirm that person is actually the sender. Hackers may have gotten hold of the information and made a change small enough not to notice but big enough to allow them access to data or funds that do not belong to them.
2. Avoid Sharing Sensitive Data Electronically or Opening Email Attachments
No legitimate business associate should ask for information like a bank account number or other sensitive details through an email or text message. Employees are within their rights to ask for a hard copy of an official form and then confirm with their manager the request is legitimate before agreeing to fulfill it.
Email attachments have long been a source of malware infections on computers. The recipient of the email should always confirm that the sender intended to include an attachment before opening it. The person receiving the email may even want to consider having the sender submit the information to them in another way, such as by fax or postal mail.
3. Always Be Cautious and Report Suspicious Content and Requests
Although it is unfortunate, the reality of modern business practices requires people to be skeptical and remain on guard when receiving requests for money or sensitive data. If something just does not add up, taking the time to confirm the source and the request could mean the difference between business as usual and a disaster. People sending legitimate requests should not be upset by a delay when the sender confirms all information included in the communication.
Business owners should instruct employees to save any suspicious communication and then report it to their superior. It is also a good idea to update company policy regarding cyber security regularly and provide employees with the most recent set of instructions.
