crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered. In order to spot these attacks, it is important to know what to look for.

Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact in actuality) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where Integrated Business Technologies can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at (918) 770-8738.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, 24 February 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!


      Tag Cloud

      Security Technology Tip of the Week Business Management Privacy Managed Service Provider Internet Microsoft Cloud Saving Money Productivity Business Computing Workplace Tips Best Practices IT Services Backup Hackers Hosted Solutions Malware Mobile Devices IT Support Email Small Business Business Software Hardware Network Data Smartphones Communication Server Upgrade Windows Business Continuity Mobile Device Management VoIP Google Virtualization Efficiency Microsoft Office Disaster Recovery Miscellaneous Computer Mobile Office Vendor Management Gadgets Holiday Innovation Android Social Media Quick Tips WiFi Outsourced IT BYOD Smartphone Windows 10 User Tips Mobile Computing Remote Monitoring Browser Bring Your Own Device Best Practice Passwords Wireless Technology Spam Internet of Things Network Security Users The Internet of Things Trending Operating System Apple Content Filtering Remote Computing History Going Green Managed IT services Alert Firewall Ransomware Printer Tech Support Gmail Information Technology Current Events Data Backup Big Data Analytics IT Solutions Office Save Money Lithium-ion Battery Data Management IT Consultant Unified Threat Management Managed IT Windows 8 Artificial Intelligence Humor Saving Time Encryption Avoiding Downtime Maintenance App Facebook Hard Drives Customer Relationship Management Antivirus Office Tips Retail Document Management Marketing Phishing Excel Digital Payment IT service Risk Management Data Recovery Business Growth Employer-Employee Relationship Apps Application Customer Service Hacking Virus Computers Phone System Fax Server Collaboration Two-factor Authentication Outlook Health Automation Recovery Money Cybersecurity Social Applications Net Neutrality Router Running Cable Inbound Marketing Mobile Device Licensing VPN PowerPoint Chrome Tablet Training Office 365 iPhone Password Project Management Administration Augmented Reality User Error Co-Managed IT Presentation Budget Proactive IT Computer Repair Data Security Mouse End of Support User Programming LiFi Computing Analyitcs Education Tip of the week Scam IBM Mobility Safety Specifications Settings File Sharing Government Wearable Technology Wireless Social Networking Cybercrime Save Time HIPAA Display Alerts Wi-Fi Hiring/Firing Files Website Statistics Intranet Business Intelligence Redundancy Competition Help Desk Bandwidth Network Congestion Mobile Security Downtime Managed IT Services Flexibility Hosted Solution Piracy Search Data storage Paperless Office Virtual Desktop USB Sports Business Owner Robot Unified Communications Point of Sale Hacker Printing Legislation Company Culture Twitter Windows 10 Techology Virtual Reality Dark Web Touchscreen IP Address Cooperation Monitors Disaster Resistance SaaS Refrigeration Deep Learning Disaster Data Warehousing Google Wallet Staff Writing Software as a Service Scheduling Server Management IT Consulting Cost Management Digital Signature Microsoft Excel Operations Memory Cloud Computing Drones Social Engineering Buisness Technology Tips Conferencing Laptop Data Breach Telephony Identities Blockchain Software Tips PC Care Backups Documents Entrepreneur CIO Comparison Value Vulnerability Halloween Technology Laws eBay Undo Solid State Drive Permissions IT Technicians People Remote Support 5G Leadership Legal PDF New Additions Compliance Black Friday Skype Streaming Media Virtual Private Network Scary Stories Print Server Unified Threat Management Text Messaging Private Cloud Alt Codes Fraud Mirgation Macro Work Station Infrastructure Congratulations Regulations YouTube Cyber Monday LinkedIn Law Firm IT Access Control Video Surveillance Public Cloud Domains Typing Internet Exlporer Windows 8.1 Update Recycling IT Support Fun Google Drive How To Word Smart Technology Best Available Gaming Console SharePoint Sync Public Speaking Cryptocurrency Cortana Google Docs eWaste Distributed Denial of Service Business Technology Bluetooth Downloads Mobile Device Managment Bitcoin Hotspot Multi-Factor Security Online Currency Data loss Knowledge Environment Networking communications Managed IT Service Computer Accessories Productivity Hacks Language Samsung Troubleshooting Debate Google Calendar IT Management Experience Heating/Cooling Break Fix Adminstration Crowdfunding 3D Travel Consumers Computing Infrastructure

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...