‘Tis the season, and in the world of online scams, there is more to worry about than just the holidays. Between the COVID-19 pandemic, the U.S. Elections, and the upcoming holidays, scammers have endless opportunities.
Safely navigating this online world requires caution and a healthy dose of skepticism. We’ll outline the threats below and provide some tips for staying safe all year round. USA.gov has lots of useful information, and several videos and posts are listed at the bottom of this article.
Whether an email is a campaign solicitation or a shipping notification, be sure to scrutinize every email for clues about phishing attempts. Think about these issues:
- Does it make sense? Did you expect it? If there is any doubt, verify via another method (phone, text, etc.) Your boss probably won’t ask you to buy gift cards at the last minute. A friend is unlikely to email to ask for money for an emergency. Be skeptical!
- Look at the sending email address. A common technique is slightly changing the email address – using .com instead of .gov, for instance. Again, verify the email via other means.
- Never take financial action based on email. Scams can involve long drawn out email strings that convince you to assume they are who they say they are. Your business should have procedures to verify any account changes, withdrawals, etc. Banks can be helpful with these processes.
- Don’t click on links in an email if you have any doubt about the source.
- Be very wary of opening email attachments unless you are sure they came from a reliable source.
Tech Support Scams
Tech support online scams have been popular for a while. Scammers send an email or call you with the news that your computer is infected. They offer (for a fee) to hop on your computer and clean it or install special software to take care of the problem. They often claim to be from Microsoft. Don’t fall for it! At best, you’ll be out a few hundred dollars. At worst, they’ll steal the information on your computer and your privacy (and identity) compromised.
It’s also possible you may encounter a pop-up on your computer. It usually looks like a dialog box and has an urgent message about something wrong with your computer. There is a phone number to call associated with generic tech support. If you are a BEI client, you know our local phone number, and it will not change. This scam aims to get you to call and allow the scammer onto your computer, giving them full control. This is a great reason to make sure your day-to-day computer use is run using an account without administrator privileges. Without administrative rights, the damage a hacker can do is limited.
Never shop on public WiFi. It can lead to the theft of credentials, credit cards, and other personal information. Browsing is generally safe, but wait until you are on a secure network to make a purchase.
Watch out for bogus receipts and fake shipping information. Such information is a great way to get you to open attachments and click on links. Go to the merchant’s website and verify the information!
Social Media & Online Scams
Be very cautious about what you post on social media and about where you click. Does the world need to know you are going away? Numerous scams involve contacting people whose associates are unavailable. For example, hackers might ask you to transfer money while your boss is on a plane. Urgency is a bad sign!
- Adopting a Cybersecurity Culture
- Fundamentals of Cyber Insurance
- Password Managers – how to choose and LastPass demo
- The Latest Trends in Phishing
- 6 ways to protect your business from phishing attacks
- Your guide to phishing attacks and the different ways they work
- Phishing attacks, spear phishing and keeping your company safe