If you’re skeptical that your business could be infiltrated by internet scammers, consider that the Federal Trade Commission received reports of fraud from 2.2 million Americans in 2020, and that people in 20 countries, including consumers of all ages, lost $172 billion to hackers in 2017. Scammers keep getting more inventive and elusive, constantly adapting to upgrades in computer security and to the vigilance of people in the commercial and consumer sectors. Like good con men, scammers prey on human greed and fear, and a momentary lapse of attention can prove disastrous. Here are a few of the more common scams to watch out for.
Phishing scams are among the most common cyber attacks that businesses face today; phishing is the third-most-common form of internet-based crime, according to the FBI. Phishing scams come in the form of emails that appear legitimate, perhaps disguised as a communication from Apple, Amazon, PayPal, or Microsoft. They indicate there’s a problem with your account and encourage you to click on a link, or lure you with the promise of a purchase refund or discount. Following the link can give scammers access to your login information.
Ransomware is another tricky scam: it entices victims to double-click on an email attachment or download an attached file, which delivers a virus or malware that locks up your PC and encrypts your files. This is generally followed by a message saying that if you pay a specific amount of money (usually demanded in Bitcoin so the perpetrators can’t be traced by conventional means), they will unlock/decrypt your files. Your best guard against this fast-growing scam is right out of computer security 101: set up a continuous backup system and always accept Microsoft security protection updates. These “click here” scams are always dangerous: all it takes is a click of the mouse by a distracted employee and you’ve got a security problem that can be time-consuming and costly to counteract.
Email from the Boss
Most of us are hard-wired to respond promptly and obediently when we receive an email from a supervisor or high-ranking company official. It’s a knee-jerk reaction, and that’s what the inventors of a rapidly growing scam are counting on. Targets receive an email from someone pretending to be “the boss,” who claims to need money wired to him to deal with a business emergency while he’s on the road. These tend to be carefully targeted emails and are difficult for spam filters to weed out, so make sure staff know that no company official would ever make such a request (without going through the chain of command), and that they’re to bring any such email to the attention of management and IT immediately. Also, it’s not a bad idea to fine-tune your money transfer security to make sure a situation like this doesn’t occur.
A data breach can happen in a matter of seconds and do a great deal of damage before anyone knows what’s happened. It’s important to have cybersecurity technology in place to help locate the source of the problem and put a stop to it. Technology is only part of the response, however: digital forensic specialists can also preserve and recover your valuable data and analyze the situation so that further breaches can be avoided. Your cyber threat recovery plan should identify what data you need to recover first, define objectives, and specify which staff will be responsible for your recovery efforts.
Employees are your first line of defense against computer scams, so it’s important that they know what to watch for. One of the best ways to guard against attacks is to teach them to recognize red flags, such as emails that contain impersonal greetings, grammar or style errors, and warnings that “immediate action” is required. Your company’s computer security protocol should ensure that any suspected attack is reported to the IT department in a timely manner. Advise staff to tell co-workers when they identify a scam, so that others are not victimized. Staff should also be prohibited from sharing passwords or other sensitive data via email.
These days, companies rise and fall based on the extent, quality, and security of their data. That’s why it’s so vital that employees understand the threat that scams present, know how to recognize the signs, and act accordingly to prevent catastrophic infiltrations. Establishing a clear protocol for staff members is one of the best ways to get everyone thinking in terms of computer security.