Business email scams are common and dangerous. Learn the types of scams and how Fastmail’s business solutions prevent them.
If you run a company and have an email address, you could be targeted by people trying to scam your business. Losing money to scam operators is on the rise, particularly since the onset of the pandemic when regular operations were significantly disrupted.
A business email scam is where someone impersonates one of your suppliers, or one of your staff members, to get money. The scams vary in sophistication from simple traps to schemes involving specific information about your business.
Fastmail’s automated defenses help prevent spam and scams, but it’s best to arm yourself with knowledge so you can spot anything that slips through the cracks. In this post, we’ll cover different kinds of scams, discuss how you can stop them, and present actionable steps you can take to ensure you’re protected.
What is phishing? A phishing scam is where someone tries to get your login details.
What phishing looks like:
What are gift card scams? Gift card scams are when someone tries to get cash from you using relatively untraceable gift cards to transfer money.
What gift card scams look like:
What is identity fraud? Identify fraud is when someone impersonates someone you know, like a coworker or one of your vendors, in order to receive money.
What identity fraud can look like:
What is whaling or CEO fraud? This occurs when someone impersonates the CEO or other executive staff in order to gain access to the organization or its finances.
What whaling scams and CEO fraud look like:
As of December 2021, spam mail accounted for 45% of all email traffic. That’s a lot of spam and scams clogging up our inboxes!
Business Email Compromise (BEC) scams are the costliest type of cybercrime right now, as reported by the FBI’s 2021 report from their Internet Cyber Crime Center. Money lost to cybercrime was reported at 6.9 billion USD in 2021, of which BEC alone accounted for 2.4 billion USD. And these are just the losses that have been reported.
According to Scam Watch, the amount of money lost to scams of all kinds in Australia nearly doubled from 2020 to 2021 and is on track to double again in 2022.
Email scams are clearly proving effective for attackers, so it’s likely they’re here to stay.
Here are some simple steps to be aware of to help you avoid falling for scams.
Good business processes save you
For high-risk activities, such as transferring money or updating banking information, ensure that two people review and approve each activity.
You should also always double-check the requested update directly with the person or organization via another channel that’s harder to impersonate, like a phone call or video chat.
This prevents human error even during normal day-to-day work and doubles the number of people watching out for fraudulent behavior.
Urgency requires extra care
Attackers use urgency to trick you into bypassing the usual protections that businesses put in place to prevent fraud. Following your regular processes, even if it’s urgent, will help you avoid fraud and reduce the number of accidental errors.
Be cautious when clicking email links
If there’s a link prompting you to log in or verify something, don’t use it! Go to the other site’s website directly in your browser and log in using its normal flow.
If the email is legitimate, you’ll likely still be able to log in and take the requested action. If the email is a scam, you’ve saved yourself from handing over your credentials to the bad guys.
If you’re still unsure, contact the customer service team for that website to ask if the email is real.
Gift cards are for gifts
No legitimate organization will ever request payment via gift card. If someone tells you to pay via gift card, you know it’s a scam.
Protect the information you put on social media
Be mindful about what you put online. A skilled attacker will do their research so they can claim they know you or impersonate you more effectively. It’s even easier to scam you If your social media account has recent information about where you’ve been, who you’ve seen, and what you think.
A scammer can pretend they’re the CEO if they can use details that we think of as private. Whether it’s a networking event, or a fun run, or a kid’s graduation, these all help someone pretend to be you.
Offers too good to be true
Whether it’s an unclaimed inheritance, a lotto award, or a prize (for a competition you don’t remember entering), if it’s too good to be true, it’s not real. Even if you just need to pay a small sum upfront to proceed, scammers get rich from these small amounts the more people they scam.
We’ve covered some standard practices you can implement to protect yourself. Now, let’s look at four ways Fastmail stands out when it comes to avoiding business email scams.
Attackers are always developing new strategies to create a successful scam. Fastmail’s deliverability and anti-abuse team works tirelessly to stay current with the latest trends. We attend global email industry conferences multiple times a year to share knowledge, tools, and techniques.
Need increased security for your business email? Try Fastmail for free!
Fastmail’s open API makes creating new and exciting tools easy for email enthusiasts.
At the beginning of December, we announced the return of Fastmail Advent. Please enjoy this wrap-up of our staff members’ responses.