Skip to content

Protect Your Business and Personal Finances from Phishing

Phishing is a cybercrime that occurs when you receive an email, phone call or text message from someone posing as a legitimate person or organization to lure you into giving out sensitive information such as banking and credit card details or sensitive passwords. Once they receive your personal data, they use the information to gain access to important accounts and the result can be identity theft and/or financial loss.

How to Recognize Phishing

Scammers launch thousands of phishing attacks every day on unsuspecting individuals and businesses alike. Unfortunately, they’re often successful. Tactics may change over time, but there are some general guidelines to follow that will help you recognize a phishing email or text message.

  • Phishing emails and text messages generally look as if they are from a company you know or trust, like your bank, credit card company, an online payment site such as PayPal, or an online store. Be immediately suspicious if you receive such an email saying:
    • There has been suspicious activity or log-in attempts to your account
    • There is a problem with your account or payment information
    • You must confirm sensitive, personal information
    • You need to click on a link to make a payment
    • You can receive something for “free” if you click on a link
  • Legitimate businesses will not ask you for sensitive information via email, as it is not considered a safe method for communicating this type of information. If you receive such an email, you should delete or ignore it.
  • If an email promises you something too good to be true, it probably is. Attractive offers are meant to distract you from inconsistencies or other details in the message that raise red flags. If you receive an email from anyone offering a large sum of money, a vacation, a new car, or some other extravagant prize, verify the sender or ignore the email altogether.
  • If you receive an email that demands you act quickly or suffer negative actions, don’t let your emotions take over. Take time to read and truly understand the message. A legitimate business or government agency will not send an email threatening negative consequence if you do not act quickly or comply with the message’s instructions.

Ways to Protect Your Business from Phishing

A recent report published by Verizon states that 90% of all corporate data breaches can be traced back to a phishing attempt. The average cost of a successful phishing scheme now costs a medium sized business $1.6 million, making it imperative that business owners and employees know how to recognize a scam.

Phishing scammers are constantly changing their tactics which makes recognizing a scam more difficult. When a phishing scam is sophisticated, it is easy for business owners and their employees to fall for it. The strongest line of defense for a business to prevent phishing is to educate all its employees. However, if the proper tools and safeguards are in place, most phishing attacks will be thwarted before the email hits someone’s inbox.

  • Use email filters: No email filter will guarantee that you never receive a malicious email; however, it does help and can be easily implemented. Not all email providers provide the same level of spam and junk filtering, so do some research to find out what is most effective.
  • Utilize security software: Antivirus and firewall programs can be quite effective at protecting your business from phishing attacks. You can go one step further and use a web filter to prevent your employees from gaining access to possibly malicious websites.
  • Regularly update all of your software: You can minimize your exposure to phishing scams by ensuring that your company’s software stays current with the latest security patches and updates. Schedule regular software updates like any other project and make it a point to monitor the status of all software and equipment. The Federal Trade Commission recommends keeping the following updated:
    • Security software
    • Operating system software
    • Internet browsers and apps
  • Obtain a virtual private network (VPN): VPN software can ensure security while online and is especially critical if you or your employees ever use public WiFi connections to access sensitive information. If you have employees who work remotely, require encryption, and connect them to your server over the VPN to prevent access to suspicious sites.
  • Require two-step verification: Most banks and other financial related websites offer two-step verification as an extra layer of security. When signing into the account, you are sent a verification code via text or email and is required in order to login.
  • Establish a corporate password policy: A corporate wide password policy regarding expiration and allowable passwords will safeguard access to important sites. A requirement for the use of numbers, letters, and special characters along with minimum password length will ensure that passwords are more difficult to hack.

Ways Your Employees Can Avoid Phishing Attacks

If you educate your employees on what to look for and how to respond, they are much less likely to become a victim of a phishing scam. Make sure they know who to contact if they are ever unsure about a suspicious email. Include training on company security measures in new employee orientations. Then, keep employees updated regarding any changes to your security policies and procedures. Employees can follow some basic guidelines that will further help to prevent phishing attacks:

  • Be cautious with emails from unknown senders: Spam filters will help weed out suspicious messages, but not 100% of the time. If an email’s content looks suspicious (even if it’s from someone they usually trust), forward the message back to the person and ask for confirmation, rather than immediately responding to them. If time is critical, call the sender to confirm their message.
  • Be on the lookout for spoofing emails: Email spoofing is a form of cyber-attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source. For instance, “johnsmith@acme.com” might be changed to “johnsnith@acme.com.” If John is someone you talk to regularly, you may not notice that the “m” in “Smith” was changed to an “n.” Some phishers use actual company logos in their emails to make them look like the real thing.
  • Never provide personal information over email: If anyone requests personal or confidential information via email, even if they are someone trusted, verify the request directly to the sender of the email. Legitimate people and organizations do not ask for sensitive information via email. If you can confirm the request via phone, text or direct email, you have a better chance of avoiding danger.
  • Do not indiscriminately click on links in emails: If an email or link looks suspicious, open a new browser window, and type the link URL into the address bar rather than clicking. You can also detect dangerous links by hovering your cursor over the email sender or the link. If the link is malicious, it will probably not match the email or link description.
  • Be on the alert for emails with threats or requests with urgent deadlines: When an email creates a sense of danger or urgency (such as the threat of a late fee or account closure), people are more likely to make snap decisions. If you are unsure, it is best to contact the person in question by phone or their website.
  • Pay close attention to the content of emails: Phishing scammers often run schemes from other countries, and not all are sophisticated. When you receive an email that has a lot of spelling and grammar errors, or content or images that don’t look quite “right,” this should raise a red flag.

The Bottom Line on Phishing and Other Cyber Attacks

A phishing incident or any other cyber scam could be devastating to your financial resources, not to mention the cost of losing your customers if their personal information has been compromised. Cyber criminals aren’t just after your business’s sensitive data, they’re also after the data you maintain for customers and their business transactions. Ultimately, the greatest cost of a successful phishing scheme to a business may not be stolen funds — it could be the damage to your business’s reputation. That’s why it’s more important than ever for businesses to establish guidelines and train employees on business security measures. At Allegiance Bank, we want to help you minimize vulnerabilities, keep your operations running smoothly and maintain the trust your customers have in your business.

Receive News and Insights from Allegiance Bank

Stay Connected

Enter your name and email address to receive Allegiance Bank news in your inbox.

When users fill out this form, they are requesting to be added to Allegiance Bank's email distribution list.

YOU MIGHT LIKE...

Banker Spotlight: Chetan Patel

At Allegiance, we serve our communities and each other. In today’s banker spotlight, we recognize Chetan Patel,… Learn More >

Hunger Action Month

This blog aims to raise awareness about food insecurity for Hunger Action Month which affects approximately 1… Learn More >

Mindful Living

This blog discusses steps you can take to practice mindful living and to prevent stress from getting… Learn More >

Protect Your Business and Personal Finances from Phishing

Learn how to recognize phishing and the ways to protect yourself, your employees, and your business from… Learn More >

Why It’s Important to Separate Personal and Business Finances

Learn six of the reasons that you should separate your business and personal finances. Learn More >

Allegiance Bank Customer Spotlight: Velvet Harris

In this Allegiance Bank customer spotlight, learn more about Velvet Harris and her Houston real estate journey. Learn More >

Allegiance Bank Community Roundup

At Allegiance Bank, you’ll find our team hard at work at all of our 26 Greater Houston…

Learn More >

5 Benefits of Relationship Banking

Learn five of the reasons that you should focus on building a strong relationship with your banker. Learn More >

Banker Spotlight: Melinda Davison

At Allegiance, we’re a family comprised of the most extraordinary and experienced bankers in the industry. In… Learn More >

Inflation, Small Business, and What You Can Do

This blog discusses measures customers can take to help continue business success considering the current economic state. Learn More >