VIEWpoint Issue 2 | 2022
Inflation Reduction Act: Highlights of Key Changes for You and Yo...
2022-2023 Tax Planning Guide
Texas Travel Industry Recovery Grant Program Reopens on February...
CFPB Issues Credit Card Late Fee Proposed Rule
Is It Time to Update Your Accounting Practices?
If you’ve been in business for any amount of time, you probably don’t need anyone to tell you about the importance of cybersecurity. However, unlike the lock to a physical door, which generally lasts a good long time, measures you take to protect your company from hackers and malware need to be updated and reinforced much more regularly.
Most of today’s business cyberattacks fall into two main categories: ransomware and social engineering.
In a ransomware attack, hackers infiltrate a company’s computer network, encrypt or freeze critical data, and hold that data hostage until their ransom demands are met. It’s become a highly common form of cybercrime. Just one example, which occurred in October 2022, involved a major health care system that had recently executed a major M&A deal.
On the other hand, social engineering attacks use manipulation and pressure to trick employees into granting cybercriminals access to internal systems or bank accounts. The two most common forms of social engineering are phishing and business email compromise (BEC).
In a typical phishing scam, cyberthieves send fake, but often real-looking, emails to employees to entice them into downloading attachments that contain malware. Or they try to get employees to click on links that automatically download the malware.
In either case, once installed on an employee’s computer, the malware can give hackers remote access to a company’s computer network — including customer data and bank accounts. (Also beware of “smishing,” which is when fraudsters use text messages for the same purpose.)
BEC attacks are similar. Here, cyberthieves send fake emails mainly to accounting employees saying the company’s bank accounts have been frozen because of fraud. The emails instruct employees to reply with account usernames and passwords to supposedly resolve the problem. With this information, thieves can wreak financial havoc — including initiating unauthorized wire transfers — which can be difficult, if not impossible, to reverse.
Here are a few things you can do to guard against cyberattacks:
None of the measures mentioned above are one-time activities. On a regular basis, businesses need to determine with their cybersecurity provider what new training employees need and whether there are better ways to secure IT infrastructure and sensitive data. Enlist the help of a cybersecurity provider, such as those at Doeren Mayhew, to assess, measure and track the costs associated with preserving your company’s cybersecurity. Contact us today to learn more.
This publication is distributed for informational purposes only, with the understanding that Doeren Mayhew is not rendering legal, accounting, or other professional opinions on specific facts for matters, and, accordingly, assumes no liability whatsoever in connection with its use. Should the reader have any questions regarding any of the news articles, it is recommended that a Doeren Mayhew representative be contacted.
A quick registration is required to view our resources.
You will only be asked to do this one time (unless you don't save your browser cookies).