Tips to Help Avoid Business Phishing Scams

November 27, 2019

As a business owner, your number one priority is protecting your assets. One of the best ways to do this is by being aware of the dangers that are looking to take advantage of those who are less vigilant. One way that your business can be attacked is through online scams. Many businesses do have online safe-keeping practices in place, however, as filtering and protections improve, attackers become savvier and update their techniques. Our best advice to you is to keep up with trending scams and alert your employees to any new phishing scam trends that could attack your business at any time.

Fake Email Addresses

Approximately 49% of malware is delivered through email scams. Fake email addresses can imitate known brands like PayPal or AT&T. The basic giveaway that this is spam is that the spelling can be incorrect such as Peypal or ATnT. These emails can be a one-time email with a bogus web address for the user to follow asking for sensitive login information, financial information, and/or security allowances. The best practice is to verify the email is from a secure source, that it is specifically addressed to them and not a generic “Dear Apple User” salutation, and that your employee knows and trusts them.

The other way a scammer can get to your business is to build up a certain amount of trust with an employee overtime, whether it be weeks, months, or even a year. Once that level of trust has been built, it is hard to know when you’re dealing with a scammer or a legit service. Just let your employees know to be vigilant and to not open emails from unknown sources.

Fake Landing Pages and Fear Tactics

Many scammers will provide a link that takes the user to a fake landing page. By clicking this link, the user can unknowingly download malware into your servers. Another way scammers use this tactic is to take the user to a fake landing page to ask for financial credentials to make a payment for a service or item.

A giveaway that this is a fake landing page is to look for the presence of an incorrectly spelled website address, an unsecured connection, and/or missing navigation and footer bars. Fear tactics are often used in the original messaging of the email such as a message threatening to cancel an account, service, or order if the recipient doesn’t pay now or contact them immediately usually by following the link provided in the email. Fake pages will almost always have some type of form to collect data that deviates the user away from a company’s legitimate page.

Please be sure to alert your employees to the current trends in phishing scams, to keep them on their guard and to protect your business interests. And remember - Guaranty Bank & Trust will never contact you either by e-mail or by phone unsolicited and request your online banking credentials. To learn more about our online privacy practices for both business and personal accounts, come into a location today, visit us online, or give us a call at 888-572-9881.

Back to news