info@itsoft.com
425-830-4000
Text us for projects to do
User login
ContactUs
AboutUs
User login
Please call ITsoft today 425-830-4000, so we can set an appointment with you, to come to your business and help your business’s IT SYSTEM to run much better

Please call ITsoft today 405-725-2002, so we can set an appointment with you, to come to your business and help your business's IT SYSTEM to run much better

Home
Umpqua Bank's logo of a golden yellow fir tree on a forest green background.
Many thanks to Umpqua Bank for being a great local resource.

It is my pleasure to share with you some information that I have gleaned from Umpqua Bank concerning some cybersecurity concerns. The following information was given to me to use by Umpqua Bank’s Redmond, WA branch Assistant Vice President, Alana McWade whom I have a relationship through our mutual networking group called 3N for No Nonsense Networking.

Business Email Compromise (BEC)
Hello from Umpqua,
We wanted to let you know that U.S. security experts are seeing more businesses falling victim to Business Email Compromise (BEC) attacks. These attacks occur when business email accounts are hacked or fraudsters impersonate someone close to your business. They’ll attempt to trick companies into sending wire transfers or writing checks to bank accounts owned by the attacker, and unfortunately their success rate has been on the rise. Since the FBI’s Internet Crime Complaint Center began tracking these scams in late 2013, more than 7,000 U.S. companies have been victimized—with total dollar losses exceeding $740 million.

In the paragraphs below, you’ll find three of the most common ways fraudsters will try to target and exploit your business email, as well as steps you can take to protect yourself. You can find more helpful information about these attacks at the FBI’s BEC resource page at: https://www.fbi.gov/news/stories/business-e-mail-compromise-on-the-rise.

At Umpqua Bank, we’re here to help minimize your risk and protect your business from unnecessary loss. If you believe that you’re a victim of a BEC attack, please contact us immediately at (866) 486-7782 or CustomerService@UmpquaBank.com.

FRAUD METHOD:  CEO Impersonation

OVERVIEW:  Fraudsters send emails which appear to come from a high-ranking official (e.g., CEO, CFO, Legal) to employees requesting an urgent wire transfer. Sophisticated techniques can make the “from” address in the email appear authentic. Believing the email is legitimate, the employee submits a wire through online banking or in person at a store.

CUSTOMERS: Businesses can defend against this attack by:
• Educating employees about this type of fraud—attackers will sometimes use addresses that are similar to familiar domains, e.g. abc_company.com vs. abc-company.com.
• Implementing a simple confirmation procedure. For example, if an employee receives an email requesting a wire transfer, require him or her to call the requestor back via a known good phone number (i.e., not the phone number listed in the email requesting the wire) and confirm the legitimacy of the request.

FRAUD METHOD:  Email Account Hack

 OVERVIEW:   A customer’s email account is hacked and fraudsters send emails directly to the bank requesting a wire transfer. The email may appear legitimate to the bank, as it is coming from a customer’s email account.

CUSTOMERS: A business employee may not know their email account has been hacked. Businesses should:
• Educate employees about this type of fraud.
• Consult with a cybersecurity professional to evaluate the how secure your computer systems are.
• Choose complex passwords for all email accounts, regularly update these passwords, and ensure that they aren’t reused not reused. Some good guidelines for choosing and creating strong passwords are available here. Use the latest operating system and applications, and make sure that the system is regularly updated.
• Use reputable anti-virus software that is up to date.
• Regularly review your bank account activity and statements to identify unauthorized transactions.
• Immediately report any suspicious activity to Umpqua Bank.

FRAUD METHOD: Vendor/supplier impersonation

OVERVIEW: Similar to CEO impersonation, fraudsters send emails that appear to come from a vendor or business supplier. Commonly, the email requests payment of an invoice via wire transfer to a specified bank account. Sophisticated techniques can make the “from” address in the email appear authentic. Believing the email is legitimate, the employee submits a wire through online banking or in person at a store.

CUSTOMERS: Same actions as CEO Fraud, with the focus on contacting the vendor.

UmpquaBank.com (866) 486-7782 Member FDIC Equal Housing Lender SBA Preferred Lender

Umpqua Bank's logo of a golden yellow fir tree on a forest green background.
Many thanks to Umpqua Bank for being a great local resource.
Menu

ITsost

ITsoft is a MSP (Managed Service Provider) that can provide managed services, such as all IT support with software Programming.

Mike Treat

ITsoft LLC

CEO Architect

425 830 4000

miket@itsoft.com

  • Give  your Company IT SUPPORT for all your office network
  • Get your company Cyber security setup and fully working
  • Transform your business app processes to be more efficient
  • Help your staff with training Windows Apps like Excel, Word
  • Program new business Apps for your staff, more efficiently

12720 Bristlecone Pine BLV Oklahoma ity 73142 www.itsoft.com