Cyber Scam Targets Small Businesses through Their Accounting Software
There is a clever phishing scam that is one of many fraudulent attempts to con small businesses through their accounting software. With more employees working from home nowadays, there has been an increase in phishing and other cyber threats. This particular rip-off targets QuickBooks users, but it could apply to any software. The Better Business Bureau’s website explains how the scam works:
The business receives an email containing the subject line ''QuickBooks Support: Change Request.'' The message is ''a confirmation'' that you changed your business name with Intuit, QuickBooks' manufacturer. You think it must be a mistake, because you never made such a request. You're grateful to see that the email contains a link to cancel.
The link is just bait. Clicking it will install malware on your device, capturing your passwords and hunting for sensitive information. In other words, they get the keys to steal your company's identity.
The BBB also gives a few basic tips on how to protect yourself from cyberthieves:
- Check the email address the message came from. The address should be on a company domain, such as jsmith@company.com.
- Check the destination of links: Hover the cursor over links to see where they lead. Be sure the link points to the correct domain (www.companyname.com), not a variation such as companyname.othersite.com or almostcompanyname.com.
- Consider how the organization normally contacts you. If an organization normally reaches you by mail, be suspicious if you suddenly start receiving emails or text messages without ever opting in to the new form of communication.
- Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Be especially wary of messages you have not subscribed to or companies you have never done business with in the past.
- Don't believe what you see. Just because an email looks real, doesn't mean it is. Scammers can fake anything from a company logo to the "Sent" email address.
As global cybercrimes continue to increase, US firms are relentlessly pressured to update their security systems to keep ahead of these criminals. It’s even worse for consumers of small businesses. In many cases, consumers just don't have the time or resources to protect themselves.
Protection against cybercrimes is the central reason more and more consumers don't want their bills and legal documents sent to their personal email addresses. Residential customers across multiple generations, as well as many businesses, prefer the US Postal Service to deliver their bills and invoices, and the easiest and most cost-effective way to mail them is to use DocuSend, the cloud-based mailroom. From a security perspective, it's an unbeatable combination. The USPS is protected by more than 200 federal laws, and using DocuSend is faster than buying a stamp! You can try it any time by uploading your documents online, as it is a pay-as-you-go service that requires no monthly contracts, minimum quantity of mail pieces, or fees for use. QuickBooks Online and FreshBooks users can integrate the DocuSend app at the app store and mail the created invoices right from their accounting app.
For more information on email security best practices, read these tips from CapstoneIT. And share your thoughts on this article in the comments section.