Just yesterday I heard yet another story of a business executive who mistakenly authorized a large payment to what he thought was a legitimate vendor. It wasn’t until a month later, when the real vendor called about the late payment, that he realized he was the victim of a spear-phishing scam.
Spear phishers use “social engineering” to get to know your business and the companies with whom you do business. Then, they cleverly disguise an email pretending to be one of your trusted vendors asking for payment or banking information.
When in doubt, make a phone call. Many spear-phishing attacks can be thwarted by having a system of checks and balances that includes calling the source of the request for payment to confirm. There are other ways too that your employees can help protect your company’s financial and other important data from malicious virus attacks and hackers.