Cybersecurity threats continue to evolve, and unfortunately, so do the tactics used by cybercriminals. At SPEROS, we’ve seen an increase in targeted scams aimed at local businesses here in Savannah and across the region. Whether it’s fraudulent emails, impersonated tech support calls, or tampered QR codes, the risks are real—but they can be managed with the right awareness and security measures.
This month, we’re highlighting three trending cyber threats and sharing practical steps you can take to protect your business.
1. Business Email Compromise (BEC)
Business Email Compromise remains one of the most financially damaging cyber threats. According to the FBI’s 2024 Internet Crime Report, BEC scams led to $2.77 billion in reported losses.
In a typical BEC scam, attackers gain access to or spoof a legitimate business email account—often impersonating executives, vendors, or finance departments. These emails may request urgent wire transfers or changes to banking information. Because they come from familiar names or look nearly identical to legitimate emails, they can be difficult to detect.
How to protect your organization:
- Always verify financial requests by phone or in person, using a known contact number—not the one in the email.
- Double-check the sender’s email address for subtle changes or misspellings.
- Be cautious of any last-minute changes to payment instructions.
- Ensure your email system is protected with strong spam filters and multifactor authentication.
- Educate your team on how to recognize suspicious emails.
2. Tech Support Impersonation Scams
If someone calls claiming to be from Google or Microsoft about an urgent issue with your account, it’s best to proceed with caution. Scammers are posing as tech support agents, sounding professional and credible, and will often pressure you to click a link or share a verification code.
These scams are particularly dangerous because they often target small businesses that may not have dedicated IT support.
Important to know: Companies like Google do not call users about account security issues.
Tips to stay protected:
- If you receive an unexpected support call, hang up immediately.
- Never share passwords, verification codes, or click links unless you initiated the support request.
- Use strong, unique passwords and enable two-factor authentication wherever possible.
- Work with a trusted MSP to monitor and secure your systems.
3. Fake QR Codes
QR codes have become part of everyday life—used in restaurants, parking lots, ads, and more. Unfortunately, cybercriminals are taking advantage of this by replacing legitimate QR codes with fraudulent ones that redirect users to phishing websites or payment scams.
What to watch for:
- QR codes that appear to be stickers placed over existing codes.
- Codes on public flyers or signage that look tampered with.
- Unfamiliar links that pop up after scanning.
Security tips:
- Inspect QR codes carefully before scanning.
- If something looks suspicious, don’t scan it—go directly to the website instead.
- Use a secure QR scanning app that shows the destination URL before opening it.
Quick Tips to Avoid Scams
- Pause before acting. Scammers use urgency to pressure you. Take a moment to review before responding.
- Verify the source. Whether it’s an email, phone call, or QR code—make sure it’s legitimate.
- Don’t share personal info. If you didn’t initiate the interaction, don’t provide sensitive information.
Protecting your business starts with awareness. At SPEROS, we’re committed to helping Savannah and surrounding areas stay ahead of cybersecurity threats. From proactive monitoring and advanced email protection to employee training and secure network solutions, our team is here to help you build a strong defense against cybercrime.
Contact SPEROS today to schedule a cybersecurity consultation or learn more about how we can help protect your organization.
