Malware threats are constantly evolving as cybercriminals find new ways to infect computer systems. There has been an alarming increase in the use of banking-focused malware, designed to steal the internet banking information of your business. Typically, this comes in the form of a phishing email, branded as an invoice from your accounting software or bank. Clicking on the link or attachment in the email may allow the malware to become installed on your device, adding malicious plugins.

What these plugins gain access to:

  • Login details
  • Passwords

Distressingly, cybercriminals can use these details to access your business’s bank account.

What we recommend looking out for:

  • Unexpected invoices or banking requests sent via email.
  • Impersonal emails making personal requests for your business.
  • Grammatical errors, including spelling mistakes and poor punctuation.
  • Unfamiliar attachments that require your permission or authentication.
  • Unusual requests, such as enabling macros or adjusting security settings.
  • The senders name not corresponding with their email address.

An example of a phishing email can be seen below:

Our proactive suggestions for keeping your business safe:

  • Keep your businesses anti-virus software up to date and run regular scans to test the vulnerability of your network.
  • Have adequate security for your network and internet access.
  • Ensure all applications, devices, and operating systems are up to date. Allowing automatic updates may make this easier for you to manage.
  • Don’t give out personal or business information by email.
  • Be aware of unusual activity and if concerned seek advice.
  • Educate your team about these threats and develop internal processes to mitigate these risks.

Recently, Cert NZ has reported a spike in invoice phishing scams targeting New Zealand businesses. It is therefore important for us all to be educated about this potential security threat. If you have any questions regarding your cybersecurity, please email us or call us on 07 957 2650.

Let’s support each other in staying one step ahead of malicious malware!