Among a number of recommendations to avoid Spearphishing (aka Business Email Compromise – BEC) the FBI recommends that “employees to use two-factor authentication to access corporate e-mail accounts.” The November 14, 2017 FBI News Report entitled “FBI Tech Tuesday—Digital Defense Against Business E-mail Compromises” included this advice about training employees to:
- watch for suspicious requests, such as a change in a vendor’s payment location
- avoid clicking on links or attachments from unknown senders. Doing so could download malware onto your company’s computers, making you vulnerable to a hack.
All good advice, but Spearphishing/BEC continues to cause substantial losses…so people really need to follow this advice!