Connecticut businesses are facing a serious threat from a new email scam that could lead to significant financial losses and potential data breaches. As more people conduct business online, it’s more important than ever to recognize these risks and take the necessary countermeasures.

Understanding the Scam

Recently, several Connecticut businesses received emails that appeared to be legitimate communications from the Office of the Secretary of the State. These emails purported to require the recipient’s signature on a digital document via a link to Team OpenSign. To the unsuspecting eye, the messages seemed harmless—using the subject line: “The Office of the Secretary–Connecticut Business Registry has requested you to sign Connecticut Business Registry.”

However, clicking on the link could expose sensitive information to cybercriminals. The content of the email urges recipients, saying, “Your signature is crucial to proceed with the next steps as it signifies your agreement and authorization.” This language aims to create a false sense of urgency, making recipients more likely to proceed without questioning the email’s authenticity.

A Warning from Officials

On June 1, the Office of the Secretary of the State issued a public warning regarding this email scam, commonly referred to as a spoofing attack. In her statement, Secretary of the State Stephanie Thomas emphasized the increasing sophistication of cybercriminals. “It’s critical that businesses stay alert,” she stated.

Officials reiterated that the Secretary’s office will never send unsolicited documents for signature and advised the public to trust their instincts when something feels off. This warning highlights the need for vigilance in identifying deceptive communications, especially when they involve sensitive information.

Identifying Trusted Communications

In their guidance, the Secretary’s office provided several tips for recognizing and preventing potential cyberattacks. Here are some key takeaways:

• **Check the Email Address:**** Any communication from the Office of the Secretary of the State will always come from an official @ct.gov email address.
• **Verify the Sender:**** Most email applications allow you to check the actual sender by hovering over the “from” address. If it does not end in @ct.gov, it’s likely a scam.
• **Beware of Lookalike Domains:**** Cybercriminals can create emails that look very similar to official ones. Always check for tiny differences in the email address, like @cct.gov or @ct-gov.org.

These precautions can make a big difference in protecting yourself and your business from scams.

Security Measures to Implement

In addition to the above tips, the Secretary’s office shared important security reminders to bolster defenses against potential threats:

• **Don’t Click Suspicious Links:**** If you suspect an email is malicious, do not respond or click on any links.
• **Go Directly to Official Sites:**** All business filings can be completed by visiting business.ct.gov directly. Avoid clicking links in emails, even if they appear to come from an official government email.
• **Secure Your Credentials:**** Keep your business.ct.gov login details private and enable multi-factor authentication for increased security.

Adhering to these security measures can help you navigate the digital landscape safely.

What this means for you

The rise of email scams poses a genuine risk for individuals and businesses alike. By staying informed and cautious, you can protect your sensitive information. If you ever need to review legal documents, such as contracts or agreements, legal-document-to-plain-english-translator/”>AI legalese decoder can help clarify the fine print in a matter of seconds.

Source: https://www.cbia.com/news/small-business/malicious-email-scam-targets-businesses