During these turbulent times it may seem overwhelming as we all navigate the uncharted waters and try to adjust to a new normal. Many of you may have noticed an increase in telephone and email scams requesting donations, personal, information and/or urgent requests like wire transfers. Business email compromise (BEC) and phishing email scams are on the rise – and you do not want to get “hooked”.
Phishing is a type of cybercrime that uses emails – disguised as coming from a person or organization you trust – in order to lure you into clicking a fraudulent link or providing access to sensitive information.
Hackers may be interested in targeting your intellectual property, financial account information or payment card data; and if one employee falls for a phishing attack, your entire system may be at risk.
As more people work remotely, unfortunately there are more opportunities for costly email compromise mistakes to be made. It’s important to stay vigilant and keep an eye out for these red flags:
- The email includes a request for your username and password, either by replying directly to the email or by clicking on a link that takes you to a site where you’re asked to input your information. No one in your organization should ever ask you for your password.
- The email appears to have been sent from the HR or IT department, but something doesn’t look quite right.
- There are grammatical errors in the email or subject line.
- You do not know the sender, and the email has an unexpected attachment.
- The email contains email addresses that don’t match between the header and the body, are misspelled (like @gmaill.com), or have unusual formats (@company-othersite.com).
- The email includes links or email addresses that, when you hover over them, list a different destination than described.
- They try to create a sense of urgency in order to get you to respond.
Your email spam filters may keep some phishing emails out of your inbox. Unfortunately, scammers are always trying to outsmart spam filters, therefore, we encourage you to add extra layers of protection. Consider the additional measures below to protect yourself from phishing attacks:
- Implement dual-multi factor authentication measures to protect your devices and accounts
- Utilize cybersecurity software to protect data stored on your computer and mobile devices
- Confirm the legitimacy of email requests prior to replying
Alliance Association Bank offers services1 to help prevent online payment fraud. These services are designed to help your management company and associations thwart fraud attempts from cybercriminals, especially in this time when we all need to be more vigilant than ever.
ACH Positive Pay
Protect your business from electronic fraud with our ACH Positive Pay solution. Only electronic payments that you provide will be processed for payment. You will review all other pending debits on the account and any unauthorized ACH debits will be credited back to your account.
Check Positive Pay
Ensure that you only pay checks you have issued and only in the amount in which you issued the check with the Check Positive Pay solution. It is a secure and effective way to protect your financial assets by detecting potentially fraudulent check activity.
Add Check Payee Positive Pay to provide another layer of protection, as we also confirm the payee name before releasing payment.
For more information about Alliance Association Bank or to receive these cybersecurity resources electronically to share with others, please contact Lisa Elkan, Vice President of Alliance Association Bank at lelkan@allianceassociationbank.com
Alliance Association Bank is a division of Western Alliance Bank. Member FDIC.
1Requires enrollment in Business Online Banking. Refer to disclosures provided at account opening for additional information.