2017 hasn’t even reached its halfway point and already it’s been a banner year for email scammers. The hackers may be rejoicing, but if you or your company has been on the receiving end of an email-based cyberattack, it’s hardly something to celebrate.

According to the FBI, email scams have been hitting American businesses hard, to the tune of a half a billion dollars per year. And the pace doesn’t seem to be slowing for 2017.

If your company hasn’t fallen victim to an email scam this year, count yourself lucky. Up to 85 percent of organizations have suffered phishing attacks, according to one report. (Phishing is the blanket name for the most common form of email scam.)

When you’re responsible for the security of your company’s network — and all the sensitive data contained in it — sometimes you can’t help but dream of a world without users.

When you set up a hardware or software security control — provided you configured it correctly and it’s up to date — you know it will do what it’s supposed to do without fail, never taking a shortcut, experiencing a “brain fart,” or suffering from sheer ignorance.

Employees, on the other hand, need to be constantly reminded to take data security seriously.

What came to mind? If your mental image of a hacker is informed by Hollywood stereotypes and stock imagery, you thought of a shadowy figure, bathed in the green glow of multiple screens, furiously pounding out complex algorithms and arcane programming.

If only that were accurate. The truth is, the perpetrators of some of the most devastating cyber attacks of recent years relied more on charm and quick thinking than on technical wizardry.

Hackers succeed by exploiting weaknesses. And long ago, they discovered that the weakest element of most systems is the human element.

It’s easier to talk someone into giving up their password then it is to crack it through sheer computing power. And hackers are all about what’s easier.

It’s tax season. And that means, for internet scammers looking to filch your employees’ identities and steal their money, it’s phishing season.

According to a warning issued by the IRS, tax season triggers a 400 percent surge in phishing and malware incidents. The scammers’ target? The sensitive information found on your employees’ W2 forms:

Every day thousands of emails move in and out of your company’s virtual inboxes. Since email has become the most relied upon method of communication for most organizations, short notes and quick replies have become second nature to most of us. Unfortunately, this simple delivery method makes it easy to for security threats to slip through the cracks.

A new kind of email fraud is making the rounds, and it's called “email spoofing.” It’s vital to your company’s security that you understand the threat and take a few simple measures to ensure your company isn’t victimized.

The purpose of email spoofing is pretty straightforward: get the recipient of an email to send money by way of wire or credit transfer. It’s the way scammers get this information that is hard to catch.