In the South, our favorite pastimes include: Friday night in the football stadium, Saturday morning on the lake, and all day Sunday at church. Many of my Saturdays – particularly in the spring and summer – were spent with my dad baiting up a hook and waiting on a sucker fish to come along and take the bait. Somewhere, someone is baiting a hook, and it may even have your name on it!
We have all received the email from a prince in a distant land, offering inconceivable riches if we will send him our banking information so that we can hold his money temporarily for him until he can get his stuff together. Most of us chuckle when we saw the email for the first time, but many people were convinced enough to actually reply to the email – losing thousands of dollars and hours of frustration fixing the problem.
Most of us have heard the term phishing – an attempt to obtain sensitive information such as usernames, passwords, and credit card details, by appearing to be from a trustworthy entity. Today’s scammers are much better than those from the past. The term used today is spear phishing. Spear phishing is a more targeted attack. The attackers spend time gathering information and use names and official looking emails to trick even the most seasoned computer users. Some IT professionals have even fallen victim to spear phishing.
Phishing isn’t limited to just email either. You can also fall subject to malicious posts on Facebook and Twitter. You must also pay close attention to ads on websites. Online advertising companies take efforts to make sure ads placed with them are legitimate, but remember revenue is their bottom line. Due to the shear volume of ads placed, some inadvertently will end up being malicious.
What to do to help protect you and your business from phishing:
- When in doubt, throw it out! – If it looks like a phish and smells like a phish, it’s probably a phish.
- Have a plan! – Make sure you know where you are storing your most secure data. Do you have an email system in place that provides adequate spam filtering? Do you know what to do if your information or customers’ information is stolen? What if an employee clicks on an inconspicuous email that shuts your network down? Do you have backups? Can you resume normal business within a few hours, a few days, a few weeks, a few months?
- If you see something, say something! – Report spam to your email spam filtering service, report spam you see on your social media sites. Facebook, Twitter, and YouTube all have a system in place for reporting suspicious online activity.
Even with a solid system for filtering and reporting spam, there are still a lot of vulnerabilities. We are committed to providing you the information you need to make sound decisions about keeping your information secure. Look for our next email to help keep you and your business safe.