© Bank of America Corporation. All rights reserved.
Steps you can take to defend against phishing, smishing and other forms of cyber attack
CYBER CRIMINALS SEND OUT a staggering number of bogus messages to businesses every year via email or messaging platforms. They’re “phishing” for ways to access proprietary and confidential data, or they’re trying to trick employees into taking an action that will benefit them—and harm your business.
These phishing attempts are usually called smishing when cyber criminals use SMS or messaging apps. They often use a tactic called spoofing, or impersonating a legitimate business or person, in an attempt to fool employees into clicking a link, opening an attachment, changing account information or conducting a financial transaction.
Clicking those links or opening those attachments can automatically install malware, which, depending on the type, could give the criminals access to your computer or device, install ransomware (in which malware infiltrates your system and cyber criminals hold your business hostage until a fee is paid), and even allow them to burrow further into your company's servers or the cloud. Let them in and they could steal your company’s confidential information and destroy the reputation you’ve worked hard to build with customers.
While the impact of such a cyber event can seem overwhelming, there are things you can consider doing to help protect your business, your customers and your employees from email scams. Consider these best practices:
Neither Bank of America nor its affiliates provide information security or information technology (IT) consulting services. This material is provided "as is,“ with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this material, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, quality and fitness for a particular purpose. This material should be regarded as general information on information security and IT considerations and is not intended to provide specific information security or IT advice nor is it any substitute for your own independent investigations. If you have questions regarding your particular IT system or information security concerns, please contact your IT or information security advisor.