If you think your business is a victim to a phishing scam, we recommend that you act immediately by following our guidelines below, and then proceed to our ReportRecover, and Reinforce sections for further assistance. Remember, a phishing scam can affect your business’s finances, privacy, and reputation.

Some Immediate Action Steps to Take

Report

Reporting cybercrime incidents to the FBI Internet Crime Complaint Center (IC3) is very important! The more national reporting data that is collected, the better the chance law enforcement has to catch the criminals and decrease online crime. Although the FBI does not resolve individual complaints directly, they will make your report available to local, state and other law enforcement partners. The FAQs about reporting can be found here. Please read the FBI/IC3 privacy policy here. (If you believe that you’ve received a phishing email, please forward the email directly to spam@uce.gov and
reportphishing@apwg.org.)

Recover

These resources have been gathered, selected and vetted to help simplify the process of recovering after a cybercrime incident has taken place. You may need to contact organizations outside Fraudsupport.org. Results will vary depending on your circumstances.

Reinforce

Once you have notified the appropriate organizations and you are on the road to recovery, it is time to reinforce your cybersecurity using these resources and tools.

Implement Preventive Measures

  • Keep the operating system and security software up to date on all devices in your organization’s network.
  • Routinely back up your business’s data in a secure location.
  • Advise your employees to never click on a link or open an email attachment from someone they don’t know and verify before clicking on an email from a trusted source that you are not expecting.
  • Train your staff with KnowBe4’s Security Awareness Training.
  • Establish procedures and open lines of communication to help protect your business and lessen the impact of potential cybercrime.
  • Be sure websites are secure before submitting sensitive information. Find out how to spot a fake website.
  • Create strong passwords. Learn how from ConnectSafely.org.
  • Always enable a two-step/factor verification on your email, social media and other online accounts– which requires an additional code to log in.