Don’t immediately believe your caller ID or the email address line. These are easy for scammers to fake. If something seems fishy, it probably is. You should always call a trusted, pre-published number to verify an unexpected request, especially if it’s urgent.
How can you protect yourself?
- Make fraud reporting a part of your company culture. Educate your staff on all things cybersecurity-related. Remind them of the best practices and encourage them to report red flags.
- Have specific and comprehensive anti-fraud, anti-bribery, and anti-corruption company policies. Implement the policies and enforce consequences when an employee violates the agreement to make sure the message is clear that you take these things seriously.
- Perform surprise audits and inspections regularly. Regular checkups can help you spot fraudulent behavior and mitigate the damage immediately.
- Have a response plan—plan for all the situations you can think of and research those you can’t. Then, develop a plan that addresses the severity of each particular incidence. Ask things like, in this situation: Do you notify employees? Do you tell customers, and how? How will you restore your data? Every real-life scenario will be different, but by having a plan and practicing the plan, you can mitigate losses
- Keep detailed inventory and financial records to be able to prove any losses.
- Partner with proven and secure organizations, especially regarding a scammer’s number one target – your money.