The biggest cybersecurity threat to SMB is Business Email Compromise (BEC). While you may think that your email provider such as Microsoft or Google has this under control, think again!  Microsoft, Google, and others provide your company with an email platform to use for business purposes. It is up to YOUR company to configure your email platform so that it is secure! 

Email security is the single biggest loophole businesses leave wide open for cyber criminals to exploit. As a business owner, you are not exempt from this serious threat, but you can follow essential steps to ensure your business email is secure. Today is the first message in our three-part series to help you take these simple steps to keep your business under the radar of malicious cyber-attacks. Learn how these criminals infiltrate your email system, and then how they can use this information to jeopardize your company’s reputation and your financial stability.

IS YOUR COMPANY INFO ON THE DARK WEB?
When you think of a cybercriminal, you probably visualize someone in a dark room who spends hours on their computers trying to access a company’s data or financial resources. Today’s cybercriminal is more likely someone who purchased a software package from a vendor on the dark web that is preconfigured to deploy hacking strategies that gain access to your email account. The reality is most company domains already have dozens of IDs and passwords out on the dark web. If your employees reuse passwords on other sites, then you are at risk! (If you're an Atlanta-based business, just chat with me this week at navious.com, and I'll help you find out.)

The cybercriminal researches and targets businesses using these hacking tools to find company email IDs and passwords on the dark web. It is a misconception that your information and passwords are safe. For example, if you or any of your employees use your company email address and password combination to access other online services such as ParkMobile, LuminPDF, LinkedIn, or Dropbox, your company may already be exposed to a serious breach. 

LURKING CYBER CRIMINALS COULD BE RESEARCHING YOUR COMPANY NOW
Once your email and password are exposed, the criminal will spend weeks or months reviewing your past email communications, taking special note of your communication style so they can perfectly impersonate you. They look especially for your email contacts, where you bank, send or pay invoices, or wire money. Then they can move to the next phase, which is impersonating you, sending malicious emails to your contacts trying to extract money or gain access to your systems. Imagine the damage that could do.

EASY STEP for TODAY: Change your company email password to be unique, just for your company email, and not used on any other business or personal sites or apps. Ask your employees to do the same.

DARK WEB SEARCH FREE FOR ATLANTA-BASED BUSINESSES: If you would like to learn if any of your company email IDs are on the dark web, I will research that and give you a report. Just go to our website navious.com and chat with me on the site. There's no charge, but please reach out by chat (or email me at dwayne@navious.com) by Friday, March 10. 

Next week, we will follow up with some more advanced advice that every company's IT professional should follow to guard against BEC. If you use a MSP, or if you are looking for someone to help audit your company's IT security, Navious is ready to come along side you. You don't have to be technical to make a good decision to get technical help!