October is National Cyber Security Awareness month and we want to talk about phishing scams. What is phishing? A phishing attack is one that uses your email or a website to infect your computer, tablet or phone with viruses and/or malware. The purpose of phishing is to infiltrate your devices and collect your financial and other personal information.
The way phishing scams work is that a cybercriminal will try to lure you in by sending you an email that looks legitimate and has what looks to be a legitimate link to your bank or your business. You click on the link, open an attachment and your computer is infected.
Phishing emails look authentic
Even cybersecurity experts can be fooled by a phishing scam — that is how authentic these emails appear. Many of these emails also appear to come directly from a trusted source or your bank. You may be so accustomed to simply clicking on a link embedded in an email from someone you trust that you do just that without realizing it was a phishing email.
How many times have you seen an email from your “bank” that alerts you to a “problem with your account” and asks you to “click this button to log in and address the matter.” It certainly appears authentic. You do bank with that institution. You may now be fearful that there is a problem with your account and that fear has you tossing caution to the wind and clicking.
What Is ‘Phishing’?
How can a phishing attacker lure you in?
- By mentioning an “unauthorized transaction” or “suspicious withdrawal” from your account
- By asking you to “click here” to verify your account
- By asking you to “click here” to verify that you either did or did not, request a new password for an account
- By using fear and/or intimidation. “If you don’t respond to this IRS message within seven days you may not be entitled to your refund” or the like.
How can you protect yourself from a phishing scam?
- Never click on a link in an email. If you believe it is your bank contacting you, go directly to the bank website
- If you get an email that appears to be from a friend, but that seems somehow “off” reach out to that person and ask if they did, indeed, send you that message
- If you are asked to “respond immediately” take a few moments to think about it. Don’t give in to fear or intimidation.
If you’re worried that your legal or healthcare firm has been infected, give us a call or send us an email. We can help you put cybersecurity measures in place to protect your organization’s private, secure information.
WareGeeks Solutions is a Roselle, New Jersey-based complete IT consultant and solutions provider. We specialist in Data Protection, specifically Business Continuity and Disaster Recovery (#BCDR). We work with medium and large law firms and in the healthcare industry. If you have IT or security questions contact Seth at WareGeeks Solutions. For information or a consultation, call (877) 653-7146, or email us at info@waregeeks.com. www.waregeeks.com