According to the FBI’s Internet Crime Complaint Center (IC3), there were 467,361 complaints of phishing in 2019. These scams resulted in a loss of more than $3.5 billion for individuals and business victims.
Phishing scams are attempts to get into your systems and access your personal information. We all know of the older scams, such as the Nigerian prince requesting money or IRS demanding immediate payment.
As these scams became well-known, cybercriminals upped their game to make them more real and appealing. So, now more than ever, the phishing scams pose a threat to individuals, employees, and businesses.
Below we are diving into what phishing scams are, the common types, and tips on how to protect yourself and your business.
What is a Phishing Scam?
A phishing scam is a type of fraud. Scammers use email, pop-up ads, text messages, and other methods to trick individuals into giving them sensitive information.
They go for valuable personal information, such as usernames, passwords, banking information, and credit card details. The scams often use fear tactics and a sense of urgency to get victims to act.
3 Types of Phishing Scams
Phishing scams, like most cyberattacks, can come in numerous ways. We are highlighting three common types.
1. Email Phishing Scams
An email phishing scam is a fraudulent message that appears to be from a person or company, usually known to the victim. The goal is to gather personal information from the victim. The email itself will include logos, signatures, typefaces, and phrasing to make the message appear real.
The messages involve a link to a fake website that is designed to mirror an actual business. One example of this from imperva.com is a phishing email where the link was “myuniversity.edurenewal.com” to resemble the real university’s URL “myuniversity.edu/renewal.” So, be cautious and pay attention.
2. Vishing Scams
Vishing, voice or VoIP phishing, is the voice version of phishing. It’s a phone scam where the cybercriminals trick victims into giving out sensitive or financial information.
Don’t provide personal information over the phone. You can search for the company’s website and call them directly to see if it was a genuine request. Analyze the site to ensure there aren’t signs of it being fake, such as misspellings.
3. Pop-up Warning Scams
Pop-up scams occur when a graphic or ad appears on the screen. Pop-up scams often make it difficult to close the pop-up window. The pop-ups show a message saying the computer is infected with a form of malware.
The cybercriminals can make the pop-ups appear as if they come from a trusted source. So, as a rule of thumb, don’t click on the pop-up.
8 Tips On How to Prevent Phishing Scams and Protect Your Business
Scammers are always trying to outsmart spam filters and other protection methods. They will continue to improve their attempts, so it’s important to stay vigilant and ensure you’re protected. Here are eight tips to prevent phishing attacks and protect your business.
1. Use security software to protect your computer
Put security software in place to keep data safe and ensure that the software updates automatically so there’s no gaps in protection.
2. Set software to update automatically
Updates safeguard your data and sensitive information against security threats. Software updates include fixes to holes in the software that cybercriminals can sneak through. Adjust your settings to have all software update automatically so you don’t have to worry. Keep software up to date on your mobile devices in addition to your computers and laptops.
3. Use multi-factor authentication
More apps and software are offering extra security by requiring two or more credentials to log in to your software or account. It is referred to as “Two-Factor Authentication” or “Muli-Factor Authentication.” Requiring these credentials makes it harder for cybercriminals to gain access to your accounts. Use multi-factor authentication in any app or website to protect your accounts and business information
4. Protect your company’s data by backing it up
Backing up your data is vital to protecting your business from all attacks. You can copy files to cloud storage or an external hard drive. Back up your data on all devices, including your phone.
5. Be cautious about all communications you receive
If an email appears to be a phishing scam, do not respond. Delete it. You can also forward it to the Federal Trade Commission at firstname.lastname@example.org.
6. Do not click on any links or attachments from unfamiliar sources
Don’t click links listed in the email message and do not open any attachments contained in a suspicious email. You can investigate whether the source is valid by looking it up separately in your browser or have your IT professionals take a look.
Be extremely careful since cybercriminals will make some emails, logos, and addresses seem legitimate. Also, pay close attention to details, such as spellings.
7. Do not enter personal information in a pop-up screen
Real companies, agencies, and organizations don’t ask for personal or sensitive information with pop-up screens. Look for inaccuracies, misspellings, bad grammar, and other unprofessional details. When in doubt, do not click on the pop-up.
8. Install a phishing filter on your email application and on your web browser
These filters will not catch all phishing messages, but they can reduce the number of phishing attempts.
What to Do If You Get Scammed
The first action to take is to change your passwords for all sensitive accounts. Change the password for your computer login in, banking and financial institutions, and any other passwords for your business, including software, websites, apps, etc.
Next, run a system scan for viruses on your computer. If you think the link you clicked or the attachment you opened downloaded harmful software, run a scan for viruses.
If the scammer got ahold of your financial information, contact your bank to warn them of any fraudulent activity.
Then, you can report the scam. As we mentioned above, you can forward email scams to the Federal Trade Commission at email@example.com. Head to the FTC’s webpage that describes how to report phishing in more detail here.
Phishing scams put individuals as well as businesses at serious risk. The IC3 reported 23,775 complaints about business email compromise (BEC), which resulted in $1.7 billion in losses for companies.
Watching out for scams and setting protective measures in place can save your business. If your company needs assistance in implementing these measures, contact Nicolet Tech.