ZAG Technical Services says agriculture businesses should be on alert amid a rise in sophisticated phishing schemes that aim to compromise email accounts and gain access to sensitive information.
Attackers use compromised email accounts to send fraudulent messages that appear to come from trusted sources, according to a news release. Hackers also sign up for services such as Dropbox with the compromised accounts to enhance credibility.
The IT firm said the layered approach to the phishing emails makes it seem legitimate and complicates the detection of the malicious emails. Recently, phishing schemes send sales teams fraudulent purchase orders from supposed customers, according to the release.
ZAG Technical Services encourages ag businesses to focus on the behavior of the sender to help identify fraudulent emails. Red flags include unusual requests, such as an urgent purchase order or links requiring immediate action. The firm also said if a purported CEO sends an unexpected Dropbox link and follows up insistently, the recipient should question the legitimacy of the email.
Here are steps to take if someone suspects a phishing email, according to ZAG Technical Services:
- Verify the sender — Call a verified phone number of the person who supposedly sent the email to confirm its authenticity. Do not reply to the email, click on any links or call any numbers noted in the email.
- Contact leadership — Notify the CEO, chief financial officer or controller to check for any attempted ACH fraud.
- Involve IT — Engage the IT team to trace the origin of the email and assess the threat.
- Avoid forwarding suspicious emails — Do not forward the email to others to test links or attachments.
- Seek expert opinion — If in doubt, get a second opinion.
ZAG said these phishing attacks are strategic attempts to exploit vulnerabilities for financial gain. Many phishing operations target agriculture because of the many points of connection between businesses and vendors, the release said. Attackers seek access to networks to obtain sensitive information, initiate fraudulent ACH transactions and extort ransomware payments through crytoblocking.
“Imagine the domino effect if a cyber attacker gained access to a school system, not only accessing student information but also learning about parents’ workplaces and potentially compromising those systems as well,” Allen Santana, cybersecurity operations manager for ZAG Technical Services, said in the release. “Similarly, the interconnected nature of agribusiness makes it a prime target for scammers.”
No business is too small to be attacked, the IT firm said, adding that it’s important to educate and remind employees about the signs of controls regularly.
Agribusinesses should also implement layers of control in financial processes like ACH transactions to prevent single points of failure. ZAG Technical Services said agribusinesses should consider requiring multiple approvals for financial transactions to prevent invoices from being paid out to attackers.
