Issue link: https://nebusinessmedia.uberflip.com/i/1175758
14 Worcester Business Journal | October 14, 2019 | wbjournal.com F O C U S I N F O R M A T I O N T E C H N O L O G Y UniBank's team of business experts provide customized solutions that help you meet the modern-day demands of running a business. Our comprehensive suite of products and services, including our UniPay Online Payment solution, were designed to provide businesses the competitive edge needed to strategically navigate fi nancial challenges. You you. bank Member FDIC/Member DIF Contact one of our experts or visit unibank.com to fi nd out more. Sean O'Connell VP, Director of Business & Consumer Banking 508.849.4346 Robert E. Paulsen, Jr. SVP, Senior Lending Offi cer 508.849.4335 Kristy L. Genga AVP, UniPay Business Sales Offi cer 508.849.4245 John S. Kelley VP, Senior Commercial Real Estate Lender 508.849.4325 You be you. e new wave of CYBER ATTACKS BY GRANT WELKER Worcester Business Journal News Editor E mployees at F.W. Madigan, a Worcester construction contractor, regularly receive suspicious emails from their superiors. e problem is, the emails aren't really from their bosses, and the mes- sages are scams – attempts at tricking an employee into wiring money to someone, giving tax information or buying gi cards on their behalf. "I've had a bunch of them," said Dennis Serocki, F.W. Madigan's controller, who handles much of the small company's information tech- nology matters. "Email – it's very, very dangerous." F.W. Madigan is not alone. Cybersecurity was once nearly as simple as changing a password every so oen, or making it tougher to guess than, say, "password." Today, hacking – and those defend- ing against it – is far more complex. Even worries consumers once had about their credit card information being stolen, such as in the well-known case of Target in 2013, are less of a concern. For a lot of companies, worries have evolved into keeping valued informa- tion in the cloud, a more secure loca- tion in a tightly guarded data center than in a hard drive in an office ripe for a break-in. Attacks are increasingly coming in what's called phishing, when emails look to be from a boss, colleague or even a relative. ese emails may be from a hacker using that person's actual email ad- dress, but more oen, a closer inspec- tion will show an unexpected email address that's actually sending the message behind the familiar name. Enough workers are falling for the scams they're creating a major cost. A national Better Business Bureau study released in September showed $3.1 billion in reported losses over less than three and a half years starting in 2016. Last year, those losses totaled $1.3 billion. e emails almost always give a sense of urgency, the study said, perhaps through subject lines like "urgent/important" or asking, "Are you at your desk?" ose are the kinds of emails Serocki said he gets roughly weekly – and promptly deletes. He's taken to remind- ing workers at staff meetings of the dangers, even giving examples of some fraud attempts aimed at the company. F.W. Madigan works with an outside IT company and has bought cyber insurance to help in the event of a data breach or hack. "It's about implementing controls in your environment, and to make it easy for people to verify information," Serocki said. Evolving risks Passwords still are not changed oen enough or made difficult enough for hackers to guess. A major data-breach investigation by Verizon Media in 2017 said weak or stolen passwords were PHOTO ILLUSTRATION/DREAMSTIME.COM Businesses must now guard against phishing, identity the and data ransom schemes