74% of organizations have suffered phishing attacks. – TechRepublic
"Go fish" just got a whole new meaning.
Phishing scams are getting harder to detect. Pronounced "fishing," phishing is a way for hackers to get you to turn over passwords, sensitive company data, and bank account information. Usually, it comes in an email, but it can also be web-linked.
Hackers are master counterfeiters and will plagiarize bank and payment services. They’re not shy about using logos and email templates from companies like PayPal, Chase, or Amazon to look like real emails. That's why they're so hard to detect!
These phishing emails can look like they’re coming from nearly any organization.
Hackers are master counterfeiters. For example, a couple of years ago, a phishing scam that looked like it came from the Federal Trade Commission (FTC) made its rounds through the business world and affected multiple companies.
What makes small businesses more vulnerable? Hackers are working under the assumption that you don't have a dedicated IT professional or team. Or even if you do, there's a substantial chance you don't have the necessary foundational security measures, so they use that against you.
🔎 Related: 17 Foundational Cyber Security Measures Small & Midsize Businesses Need
Hackers don't necessarily have to be web-masterminds. They often don't have the state-of-the-art Internet knowledge you’d expect. But what they do well is trick you and your employees.
Cyber criminals usually aren't some person in a dark room with a hoodie hunched over their computer. They are more like Leonardo DiCaprio's character in Catch Me If You Can. Charming and outgoing, and excellent at conning you.
Educating your employees on what to look for can go a long way in avoiding scams.
When training your employees on email safety, a checklist to keep at their desks might be helpful.
Related: Cyber security training for you and your team
Check your online accounts frequently.
Check for unauthorized transactions, especially ones that seem like very low amounts. Sometimes hackers will test accounts by taking small amounts of money. They want to know how aware you are.
It'd be even better if phishing scams never even made it to your inbox, but unfortunately, it's a reality in which you need to be prepared.
This is your simplest, yet most effective scam defense.
Mobile devices are often overlooked as we see them more as an extension of ourselves than a computer. This creates blinders for the threats they can carry.
Most of us check our email from our phones, which makes mobile devices a solid platform to launch all kinds of attacks. Mix that in with the fact that hackers know that generally, Android's open Chrome and iPhones open Safari, so they know exactly which search engines to mimic.
You should always use the same best practices on your phone as your computer. This includes using security software, challenging passwords, and updating software. Yes, iPhone, security software for you too.
Anyone can be a victim of a phishing scam and small businesses are especially vulnerable. Consult your IT professional on how to minimize these threats and education your employees with best practices.
Need some IT or cyber security guidance? Contact us any time.