The Basics to Protecting Your Data

DG Technologies Cybersecurity: The Basics to Protecting Your Data

With DG Technologies having a major presence in various Cybersecurity events, teaching courses and implementing Cyber protection in all of our business and products, it is important to us to relay our message to our customers to secure technology in the transportation industry.

First, lets talk about Business Email Compromise, or BEC. Business Email Compromise is a rising phishing trend that relies on people’s helpfulness. Fraudsters use this type of phishing attack to impersonate an executive to con an employee into sending wire transfers to a fraudulent account. When successful, BEC attacks have a dramatic financial impact, accounting for approximately $1.8 billion in adjusted losses in 2020.

Hackers can even mimic login pages for business platforms users are familiar with such as Microsoft Office. These are used to steal credentials from links sent to recipients via email, prompting the user to log into their account, in turn stealing sensitive information. Now that the information is input into their mimic login page, scammers now have access to that users’ account.

Scams such as this caused 90% of data breaches in 2020. Employees are falling for phishing scams at an alarming rate. Therefore, it is important to educate employees on the risks of these emails, how to spot them and to pay attention to the emails they are receiving. Cybercriminals have ramped up their efforts due to their success in these attempts, and will only continue to do so as long as their tricks are effective.

Think before you click

Phishing attempts are avoidable, though it may be easier said than done. Step one in helping your business avoid phishing attempts is to make sure employees recognize them as soon as possible. Phishing emails encourage and trick users to click links, open attachments and take action on items. They can be very convincing and look almost identical to the site or page they are mimicking. According to Cisco’s 2021 cybersecurity report, at least one person clicked a phishing link in approximately 86% of organizations surveyed.

Below are a few ways to help identify an email attack in disguise:

  • You aren’t expecting the email or don’t recognize the sender. Never click any links or open attachments from suspicious emails.
  • The hyperlink directs to a different website. Hover your mouse over a URL without clicking it to display the actual link at the bottom of your browser window. If the link is different from what you expect, don’t click it.
  • The email is unexpected but includes company branding. Don’t assume emails with the correct company logo or colors are legitimate. Cybercriminals often use professional “phishing kits” to match the logo, website, and email formats of organizations.
  • The email contains typos and grammatical errors. Cybercriminals often have errors in their phishing attacks found in the subject line, email address, email body, or URLs.
  • The email demands you send personal or confidential information, such as account numbers, login credentials, or passwords. Financial institutions and government agencies will never email you to request this type of personal information.
  • The email includes urgent messages or threats. Cybercriminals count on recipients to act without thinking and include wording such as, “We suspended your account due to unusual activity. Click here now to verify your name and date of birth!”
  • The “sender” is an executive demanding money via wire transfer or gift card. Don’t act rashly when you see urgent emails from executives within your company.

Your first line of defense: Your Employees

Make sure you are educating employees and on the signs of a phishing email attempt. Cybercriminals are targeting employees all over the world , having educated employees can significantly reduce the risk of a potential attacks.

  • Create a robust security awareness program. Preventing fraud begins with training your employees. Your cybersecurity protocols are only as strong as your weakest employee when it comes to cybersecurity know-how. Continuously train employees on the newest methods of cyberattacks and preventative measures.
  • Add an external email banner. This is a banner that appears at the top of emails when the sender is from outside your organization. Using an external email banner draws attention to the fact that the message isn’t from someone within the company, which can help your employees be more vigilant to potential phishing attempts.
  • Empower employees to verify vendor requests. Fraudsters watch traffic between companies to identify the vendors they use, then pose as those vendors to request changes to an existing account or divert funds to new account. Employees should be trained to contact vendors using other established communication channels to verify any unexpected or suspicious request.
  • Put a reporting process in place. Develop a process for employees to report suspicious emails to your cybersecurity team. Remind employees that reporting these emails can help to protect them, their fellow colleagues, and the entire organization from fraud.

Cybersecurity is an ever-growing concern especially in the transportation industry and it cannot be understated the importance of keeping employees and customers informed to prevent as many attacks as possible.

We hope this article can shed some light on the threats we see today and encourage all to follow DG Technologies for more information on Cybersecurity, and how to keep your company safe from online threats.

DG Technologies
33604 W Eight Mile Rd.
Farmington Hills, MI 48335
(248) 888-2000

Follow DG!


Leave a Reply