Jitasa Nonprofit Blog

Avoiding and Handling Email Fraud

In a world where technology is king it isn’t difficult to have your entire life taken over by one mediocre hacker or malware program. As a nonprofit, such a hack can severely affect your organization. Think about what you keep in your email…bank information, donor records and contact information, personal details, etc. If such information fell into the wrong hands it could have a detrimental effect, making password security and internal controls a critical requirement for your nonprofit.

Preventing an email hack

Don’t send important info via your email

Email communication has an inherent flaw in that it is not designed nor required to maintain privacy. It can be easy to get to and easy to take advantage of (especially when you have access to it on multiple devices). This is why you should NEVER send important information via email.

Don’t mix emails

Have an email for work and an email for home, and don’t comingle to two. This will limit the information stolen in the event of a hack. Plus, you don’t have any expectation of privacy on your work computer or email, so leave the personal business for your personal time/devices.

Watch where you log in

Vacationing in Russia? Leave work in the states. Avoid accessing your accounts from different countries, networks, or computers, doing so increases your likelihood of being hacked. If you do plan to work from that coffee shop or vacation, make sure that all of your sensitive documents can only be accessed by a secure VPN .

Utilize a strong, secure password

I’ll give you a hint, your dog’s name and the current year isn’t an adequate password. Luckily I found that out via this site that checks your password strength and not by being hacked. It will take a computer program 157 million years to hack my new password.

Get and maintain firewall protection

If you’re not very tech savvy about firewalls, which as stated by Lavasoft, “According to a study by NCSA Cyber Security, only 4% of Americans say they understand firewalls "completely", while more than 44% don't understand firewalls at all” their article What is a Firewall and Why Do I Need It will break them down in easy to understand English.

Internal controls can prevent a hacker access to your nonprofit’s financials

Utilize SFTP folders

This is the best route to communicate secure information. SFTP stands for Secure File Transport Protocol and essentially is a folder which provides access only to approved users in a secured, controlled environment. Techopedia breaks down why SFTPs are useful and necessary in this article .

Segregate duties

If you HAVE to send secure information via email, break the information apart so the portions you are sending are indistinguishable on their own.

For example, if you have to have your accountant wire money on behalf of your nonprofit via email, you could have one person email wiring information and a separate person from your organization call with the receiver’s information. You should always have more than one point of contact for these situations, so that if you were hacked your organization is still protected.

Please note we consider this an occurrence that should only happen in an emergency situation.

Consider paying an IT company

An IT company can secure your network so that you are the most protected should you be hacked, and while your budget is tight, it is an expense that could save you thousands should you be breached...not to mention, a hack can severely affect your reputation.

Learn More

For more information on managing the internal controls of your nonprofit, check out these previous blog posts:

Renata Poe Massie, Content Creator for Jitasa

Jitasa Flames

Jitasa’s bookkeeping and accounting services are affordable and cater to every nonprofit.

Learn More