How to Protect Your Clinic Against Email Fraud

November 18, 2020   |   CM&F Group   |   In Cyber

We’ve all received one – an email from our “boss” requesting the purchase of gift cards or a link to send a wire transfer. As the internet and digital world continue to evolve at a rapid pace, so does the intelligence and craftiness of cyber attackers, ransomware and emotet.

Business Email Compromise, also known as BEC, is an email sent around to employees when hackers impersonate a business contact to trick the receiver, whether it be an employee, client or vendor into releasing monetary funds or sensitive information to offender.

Their criminal practices have become increasingly difficult to detect because they do not use malware or malicious URLs that can be detected by traditional software or defense tools.

It is critical to protect your emails, as well as your employees, from these potential email fraud scams.

  1. Implement “2 Factor Authentication” – Whether you are using Outlook, Gmail, Yahoo, AOL, or most other mainstream email platforms, your email provider likely has the option to set up 2 Factor Authentication for you and your employees. This two-step verification process provides two levels of security to the users to verify their identity. This makes it harder for cyber hackers to obtain access to devices, accounts, data, and other digital platforms and information.
  2. Stop Malicious Wire Transfers – In order to stop malware from gaining access to wire transfers and banking account information, you should install a firewall on your computer and/or network to prevent unauthorized access. You should also run anti?virus, -spyware, and -malware software on your computer and keep them updated. Try your best to only use one computer when doing online banking, create unique passwords, but never save these passwords to your browser.
  3. Train Employees – Awareness and training are likely the most effective ways to put a halt to BEC. First, bring to the attention of your employees the types of emails that are often the start of a scam. Second, have employees go through a formal training program followed by test phishing emails being sent to various employees over time.
  4. Configure Your Email System – Your email server should be configured to specific domains and IP addresses in order to be considered secure. Your IT team should be able to ensure these systems are setup accurately.
  5. Use Advanced Endpoint Protection – This tactic and technology combine machine learning, security analytics, and real-time threat intelligence to identify a potential cyber-attack or threat as early on as possible. This prevents the hacker or threat from entering your database or network in the first place.

At the end of the day, it is incredibly important to protect your career, your business, and your clients from the harmful and expensive threats caused by a data breach. The tools, services, and insurance provided by CM&F Group’s CyberProGuard can bring you peace of mind across your data and other digital records. Althouh wire fraud is not covered in all Cyber policies, CM&F can help you mitigate that risk. Learn how our 24/7/365 services and comprehensive insurance policy can save your business millions in cyber-attack damages.

Related Articles