A simple phishing email that attacks small businesses through their accounting software can cause big problems for an unsuspecting target.
You get an email thanking you for updating company information from the software support team. A link in the email that allows you to "cancel" the update will actually download malware if you click it. With this malware, the scammer has access to sensitive company information and the door is opened for more fraud.
Good tips for all emails
1. Check the reply email address. Be wary of emails that are sent from a different domain than the company they claim to be from.
2. Confirm the link destination. Hover over the link in the email before clicking on it to make sure it matches the company website you know. Never click on a link that you aren't sure about. Reach out to the company in question using a phone number or email address you know to be true.
3. Is the communication unusual or too generic? Consider if it seems unusual for the company to contact you via email. Be wary if the email seems vague or doesn't have the same tone as others that you've received.
Listen to your gut. If something doesn't seem quite right, check on it using a trusted means of communication with the vendor. If you have questions, or think you have been a victim of fraud, contact CAP COM at (518) 458-8986 or (800) 634-2340.