According to the Federal Trade Commission (FTC.gov), there has been a 768% increase in ransomware attacks through email scams. This is the number one attack vector for ransomware operators.
What is an attack vector?
It’s the means by which hackers work to gain access to a network that hasn’t been authorized. An attack can be passive or active, phishing is passive in that it doesn’t impact system resources. It
is usually harder to mitigate considering primary targets are not tech-savvy and the social engineering tactics used can be effective.
What is Phishing?
It’s defined as “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.”
My husband works for a large corporation and just had an entire online class about phishing. His takeaway was, “if there is urgency in the email for you to take some type of action, beware.”
Scammers use many different forms of communication to try and trick you. Consider email and text messages as a possible path for them to obtain your personal information. Their goal is to gain access to your money, and they are working to do so by stealing your personal information. Therefore, we are always told to never give out your social security number, account number to anything, passwords or other confidential and personal information.
“The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.” Scammers often update their tactics, but here are some signs taken directly from the Federal Trade Commission’s website that will help you recognize a phishing email or text message.
Phishing emails and text messages may look like they’re from a company you know or trust.
They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment.
- say they’ve noticed some suspicious activity or log-in attempts
- claim there’s a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you’re eligible to register for a government refund
- offer a coupon for free items
Here’s a real-world example of a phishing email:
Imagine you saw this in your inbox. Do you see any signs that it’s a scam? Let’s take a look.
- The email looks like it’s from a company you may know and trust: Netflix. It even uses a Netflix logo and header.
- The email says your account is on hold because of a billing problem.
- The email has a generic greeting, “Hi Dear.” If you have an account with the business, it probably wouldn’t use a generic greeting like this.
- The email invites you to click on a link to update your payment details.
When we see logos from companies where we utilize their service or product everyday, I can see why many people are tricked by this type of scam. If you look in detail, often you might find a misspelling or something to alert you further about the fake email. In this Netflix example above, I also noticed that Centre is typically not spelled with an “e” at the end in the United States but is found more from British English writers.
Six Ways To Protect Yourself From Phishing
What can you do to ensure you are not scammed and work to try and protect yourself, your phone and computer in the best way possible? I reviewed information from the FTC, Microsoft and Cisco and found the below tips the most useful:
1. Use security software on your computer and phone and set it to update automatically.
2. Never share your personal or financial information by email, text or other methods.
3. Use multi-factor authentication wherever it is available.
4. Install firewalls and rotate passwords.
5. Back-up your data to protect it, such as through an external cloud storage.
6. Look for urgent or threatening emails and/or those with spelling and poor grammar.
Easily Accessible Resources In Action
I received a text message last week from “Whole Foods” and found what I did next was extremely easy and helpful. I googled it. I typed in “whole foods scam” to see if it was a phishing scheme and received all the information I needed. The headline read “old whole foods text scam making a comeback from 2018.”
It was a good one too, I was almost ready to become a secret shopper! The text included the Whole Foods logo and noted they were beginning a research project where secret shoppers were needed.
I’ve served a client before through Reliance Staffing where we provided secret shoppers, so I knew this existed. We had provided this service to a 3rd party to shop at various groceries stores. I was excited for a moment about the opportunity and the teenagers I could share it with. The $400 did make me think twice about it and Google clarified the texting scam quickly for me as I deleted the text.
Learn More About Staffing Software with COATS!
Security, storage, hosting and access to your data is a lot to keep up with on your own. Intellipath is the preferred partner for COATS Cloud hosting that provides users anywhere, anytime access that is fast, secure and reliable.
No hardware or software is required, and the data center is enterprise grade internet security with automatic backups ensuring the user's vital COATS data is protected. For more information, contact Chris Ferland at (317) 826-0295.
Customized staffing software is available through COATS that offers the flexibility to use programs and access data that fits seamlessly into your workflow and evolves as your business does. Leasing or purchasing options are available, installed or online. Contact Karen Connor at 1-800-888-5894 for further details.