I was just at a conference on Business Email Compromise (BEC). various
ISACs, Symantec, the FBI and the CIA presented. It was very informative and here are a few things that were mentioned
- Watch out for fraudulent scams involving IRS returns
- Put 2FA in place everywhere you can and put a 2 factor policy in place for wire transfers
- If you believe your GMAIL account may have been compromised, or just wish to keep an eye on it, there is a link on the bottom of the page to see the last 10 logins (although I don't see this in inbox, maybe it is only in gmail).
- Set your out of Office messages to be internal only - or force this using rules
These were just some of the points made, but they were good ones.