Companies Mimicked in Phishing Must Respond Quickly: FTC

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

Companies impersonated in phishing scams should immediately notify customers and offer them advice and support to help retain goodwill, the FTC advised.

A business that has its identity stolen by scammers seeking to entice individuals into revealing personal information should also contact law enforcement and update security practices, the Federal Trade Commission said March 6.

Data security isn’t a “one-and-done checklist,” it said. Considering that cybersecurity threats are ever-evolving, the commission recommended companies adopt nimble defense mechanisms.

The commission’s tips for impersonated businesses follow a March 3 study that found 86 percent of major online businesses are using proper email authentication technology to prevent phishing scams, but fewer than 10 percent of them have adopted related technology that would provide additional protection.

To contact the reporter on this story: Jimmy H. Koo in Washington at

To contact the editor responsible for this story: Donald G. Aplin at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security