You get to work turn on your computer and start going through your emails, as you go through the emails you run into an email that looks like its from a co-worker or a company you do business with, it looks innocent enough. The email requests information and you thinking it’s a legitimate email you proceed to provide the information. It looks so real the email that it can fool most people. You realize afterwards that you have fallen victim to a Phishing Scam. Phishing is when someone uses fake emails or texts – even phone calls – to get you to share valuable personal information, like account numbers, Social Security numbers, or your login IDs and passwords. Some Phishing scams ask you to click a link, which unbeknownst to you gives access to your files and your computer to someone looking to run a scam by installing ransomeware or other programs which restrict access to your own files. Your files will be held hostage and you will have to pay a price for its release.
How can you protect yourself from phishing scams
Back up your data: Why should you back up your data, in case your computer gets compromised and you have to do a total system wipe and clean your computer you have your data saved. There are time when only a clean wipe of the computer is the only option to restoring it to before it was compromised.
Multi-Factor authentication: extra security measure to for access into your computer or phone usually it is something you have: pass code you get sent via text or an authentication app., something you are: Finger print, facial recognition or a retina scan.
Make sure the Anti-virus is current and up to date, make sure updates are done automatically this will help you stay on top of any security updates as they become available.
Set devices to Auto update: Protect your phone by setting it to update automatically.
Types of Phishing Scams:
There are many types of phishing scams here are five common scams that scammers run to get access to information.
- Financial Fraud: A phishing attack that attempts to directly gain financial information, such as bank details or online login credentials. One example is fake updates from PayPal look-a-likes that falsify spending receipts, upon which the user will be inclined to investigate. These are typically, but not always, distributed by email.
- Service Updates: Much like financial fraud, this approach sees hackers pose as services such as Dropbox or a utility provider, often as an indirect means for financial gain.
- Promotional Offer: This is a form of phishing in which some kind of coupon or special deal is promoted. This occurs on a mass scale, using entirely automated processes. This might feature tickets for a gig, or heavy discounting on retail purchases. The added benefit for hackers with this technique is that often the promotion involves resharing the initial link, helping spread the attack even further.
- Spear Phishing: Spear phishing is a type of phishing that is much more targeted than other approaches. Here, a particular individual or organization will be attacked using information specific to that target. This might include the impersonation of employees or contractors to extract a certain piece of data, often using manipulation and trust rather than online pages to execute the attack.
- Whaling: Technically a branch of spear phishing, this type of attack is focused squarely on high profile individuals such as CEOs. Attackers can spend months researching their targets, working out their daily routine and mapping their personal relationships. Once the hacker has gathered this highly personalized information, the hacker will begin to use it to their advantage.
These are just some of the Phishing Scams that I mentioned but the list is growing and it is important to stay on top of this. Making sure your cyber security is tight and the employees are well aware of the scams out there. Employees need to double check before any information is sent and emails have to be scrutinized even before they are responded to or clicked on. Last but not least Back up, Back up and again Back up your data.
Customized Computer Services, Inc. (CCSI) has been serving the Dallas-Fort Worth area for the last 29 years. We have dealt with the issues of Phishing scams for our clients and we have help those that have been compromised by phishing scams. Call us and find out how we can help you avoid being victimized by Cyber Criminals.