Have you recently received a communication that initially scared you?
Perhaps a notice that your credit card had unauthorized transactions, your bank account needed attention, or your favorite shopping site needed to verify some information to complete your latest purchase, which you knew was an important but last-minute gift?
And this notice asked you to call in to verify your information or click a link to sort it out?
That is what a “Phishing” email looks like. Criminals want you to call and give your login credentials so that they can take over your account (and presumably use your credit or drain your account.)
Some criminals are also looking for a path to load malware on your device, perhaps to send ransomware to your employer.
Therefore, never click or call! Criminals hope your fear will cause you to click or call immediately, and when you realize it’s a scam, it’s too late.
If you still think you have an account that might be a concern, close the email or delete the message. THEN visit the actual website on your own. Or look up the institution’s number from your bills and call that.
No financial entity is going to ask you to log in on the spot. They may ask you to check your account, but not with any links or other direct interaction in the message.
And speaking of financial entities, criminals often pretend to be the Internal Revenue Service because that agency scares everyone. You may see messages claiming the IRS will come to your house to arrest you, throw you in jail, or fine the daylights out of you if you don’t act immediately.
Nope. The IRS sends letters through the U.S. Postal Service, and you have time to respond. Even if you’ve pulled a stunt with your taxes, the IRS has a process, not goons who come to your door to take you away as a first step.
You probably know that – and social media these days is full of sarcastic posts where someone tried to scam somebody and did a bad job of it. Those hapless Nigerian Princes are still at it.
But what you don’t hear about are the smarter, slick criminals, sometimes funded by a rogue nation, who continue to trick people and cause data breaches. Those continue apace, so it’s important to remain on guard, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
The agency has posted several tips online to keep yourself safe from phishing and other attacks. We recommend you give it a look.
And if you have team members who continue to fall for scams, perhaps you need a better cybersecurity training program. We have a great one – contact us to learn more about it!
Happy Cybersecurity Month!