countries like China, Russia and North Korea becoming
more aggressive in cyberattacks, and everyday fraudsters
upping their game beyond the once easy-to-spot spam
emails filled with bad grammar, cybersecurity threats as
a whole are growing more ominous for individuals,
small-business owners and large corporations.
was part of the message delivered by George Smirnoff
III, senior vice president and chief information
security officer for Comerica Bank, in a speech earlier
this month in Detroit.
their mind, youíre low-hanging fruit," he said,
addressing a group of the bankís customers, which
include many small-business owners. "As executives,
guess what? Youíre all targets."
talked about a rip-off dubbed "the business email
compromise" that involves scammers impersonating a
companyís top managers with the goal of initiating an
international wire transfer. Such cybercriminals are
spoofing emails to make them look legitimate and, in
some cases, send messages that include details about new
vendors in need of immediate payment, which can rush
employees into making bad decisions, he said.
attacks, a form of phishing, are targeted toward
specific individuals, usually those who handle the bills
or wire money, he said. And in some cases, the fake
emails are strategically sent when the actual business
owner is away on vacation or traveling for business.
of the scammers are believed to be members of organized
crime groups from Africa, Eastern Europe and the Middle
East, the FBI has said.
sophisticated phishing email can bypass filters and
anti-virus programs. Even up-to-date, anti-virus
software wonít do much good if consumers or employees
carelessly download email attachments, experts say.
emails are getting very tricky," Smirnoff said.
is National Cyber Security Awareness Month, a campaign
headed by the Department of Homeland Security to raise
awareness about combatting online fraud and the
protection of personal information.
October, with all the news about emails being stolen
from Hillary Clintonís presidential campaign and the
hacking of state voter registration systems, the public
canít but be aware of the issue.
thatís probably a good thing. After all, weíre
facing phishing scams everywhere, from our homes to our
places of work.
are some ways to arm yourself against such threats:
a "coMplic@t3d" password
easy to think we donít have any control over
cybersecurity breaches, but a strong password remains a
solid defense, said Smirnoff and other experts.
strong password will have at least 12 characters that
include a mix of upper- and lower-case letters as well
as numbers and special characters. Donít reuse it on
vigilant and recognize that cybercrime pays
personal information has great value to crooks, who can
use it to open bogus accounts and file take tax returns.
Be sure to shred bank statements and unused credit card
offers before throwing anything away. Be cautious
downloading apps, especially from sources youíre
skeptical when you get an email from a CEO, your bank or
even a favorite retailer
a bank isnít going to ask you to confirm your Social
Security number or account number ó or ask for your
password ó via email or text.
before making a move and contact your bank directly.