Business Email Imposters

Download as pdf or txt
Download as pdf or txt
You are on page 1of 2

CYBERSECURITY FOR

SMALL BUSINESS

BUSINESS
EMAIL IMPOSTERS
A scammer sets up an email address Scammers do this to get passwords and
that looks like it’s from your company. bank account numbers or to get someone
to send them money. When this happens,
Then the scammer sends out messages using your company has a lot to lose. Customers
that email address. This practice is called and partners might lose trust and take their
spoofing, and the scammer is what we call a business elsewhere — and your business
business email imposter. could then lose money.

HOW TO PROTECT YOUR BUSINESS

Use email authentication Keep your security Train your staff


When you set up your up to date Teach them how to avoid
business’s email, make sure Always install the latest patches phishing scams and show
the email provider offers email and updates. Set them to them some of the common
authentication technology. That update automatically on your ways attackers can infect
way, when you send an email network. Look for additional computers and devices
from your company’s server, the means of protection, like with malware. Include tips
receiving servers can confirm intrusion prevention software, for spotting and protecting
that the email is really from you. which checks your network for against cyber threats in your
If it’s not, the receiving servers suspicious activity and sends regular employee trainings
may block the email and foil a you alerts if it finds any. and communications.
business email imposter.

LEARN MORE AT:


FTC.gov/SmallBusiness
CYBERSECURITY FOR

SMALL BUSINESS

WHAT TO DO
IF SOMEONE SPOOFS YOUR COMPANY’S EMAIL

Report it
Report the scam to local law enforcement, the FBI’s Internet
Crime Complaint Center at IC3.gov, and the FTC at FTC.gov/
Complaint. You can also forward phishing emails to spam@
uce.gov (an address used by the FTC) and to reportphishing@
apwg.org (an address used by the Anti-Phishing Working
Group, which includes ISPs, security vendors, financial
institutions, and law enforcement agencies).

Notify your customers


If you find out scammers are impersonating your business, tell
your customers as soon as possible — by mail, email, or social
media. If you email your customers, send an email without
hyperlinks. You don’t want your notification email to look like
a phishing scam. Remind customers not to share any personal
information through email or text. If your customers’ data was
stolen, direct them to IdentityTheft.gov to get a recovery plan.

Alert your staff


Use this experience to update your security practices and train
your staff about cyber threats.

LEARN MORE AT:


FTC.gov/SmallBusiness

You might also like