By now we’ve all gotten a spam email or two that we know is a scam. Princes in Nigeria, huge sums of money waiting, and cheap prescriptions are just the beginning. You’ve probably seen so many versions of this that you can spot them in the first sentence or even the subject line.
Or can you?
Even though we still get these run-of-the-mill phishing emails, these aren’t the emails that trip up our neighbors on a regular basis. Phishing emails have become so challenging to recognize, that even our savviest clients have been caught clicking the wrong email and boom – data disaster.
According to data released by the FBI’s Internet Crime Complaint Center (IC3) in its 2019 Internet Crime Report, Business Email Compromise (BEC or the mimicking of business emails) alone caused $1.7 billion in customer and business damages in just 2019. That’s a lot of profit for the hackers. Now you can see why they’ve really up-leveled their game – there’s huge reward.
Don’t let them get you or your business.
How to recognize Phishing
They will look like a company you know and trust.
Amazon, eBay, Google, Netflix, Hulu, major banks, credit cards and more have thousands of copycat accounts and emails crafted by experts. They know that the more it looks like that company, the better chance you’ll click on the link or attachment.
They ask you to confirm something.
- Phishing scams often ask something that sounds like:
- Click here to see if there is suspicious activity on your account
- There’s a problem with your account. Click here.
- The invoice attached is overdue.
- We need you to confirm some personal information
- Make a payment here before the due date
- Register for a government refund
- Click here for your free gift
- Your payment method expired. Please update your credit card information.
They can be misspelled or poorly written, but don’t let a well-crafted email fool you.
The times are gone when you could just tell that the email was foreign or a scam by the lack of professional use of English. It’s a $1.7 billion business now, they can even hire designer and English speakers to proof them.
It might even look like it’s from a friend, coworker or boss!
There are a lot of scams from supposed HR managers asking people to update their payroll information, or friends sending files or links. Always check with the person via a different means before clicking. Your HR person will understand and probably even appreciate a quick check to prevent the headaches later.
What to do if you suspect a phishing attack:
If you don’t have an account with the company sending you the email, you don’t have to do anything, however, you could help fight hackers by forwarding it to the Anti-Phishing Working Group at firstname.lastname@example.org and report it to the FTC at ftc.gov/complaint
If you have an account with that company, look up or use a phone number or email that you know is valid for the company (do a Google search and find their website). If there is an urgent message it will be in your account and someone from the company can verify if they sent it. It also helps to report it to the company so they are aware of the messages going out under their name.
Prevention is the best plan against phishing
- Protect your computer with security software. Here at Grace Computers, it’s what we do. Just give us a call to find the right solution.
- Have your phone update automatically. Updates help your phone stay as savvy as the criminals.
- Anti-spam tools are still effective and needed. Call us to get our support or have us manage your email servers.
- Use multi-factor authentication any time it is offered. While it may be an extra step in your day, there is currently nothing more effective at protecting your information. Check to see which of your accounts offer this protection.
- Back up your data – often and consistently. Make sure they aren’t connected to your network so if someone does get in, you still have all your information safe. (Also, don’t forget about backup for your phone as well.)
We care about your data security. Contact us if you have questions or believe you might have clicked the wrong button. We can help you find out if there are any risks and recommend the best ways to keep yourself safe.