Phishing attacks are nothing new. Scammers are always trying to take advantage of our basic instinct to trust and in these recent troubled times, their efforts have only gotten more devious. The current COVID-19 pandemic has seen a dramatic rise in the amount of phishing attacks through all kinds of medium. Whether that be phone calls, texts or e-mails, the goal is always the same: to trick you into inputting personal and/or financial details into illegitimate sites.
Below we are going to take a look at some of the methods these scammers might use and the ways you can identify and avoid them. This article might very well focus on those surrounding COVID-19, but the advice is always good to follow for any situation.
What are these Scams?
Common methods include:
- Falsely representing a health or government organisation – it is quite common for a scammer to attempt to impersonate a health organisation (such as the NHS or WHO) or a branch of government (DVLA, HMRC, DMV). These can be through texts, e-mail or even phone calls.
- Falsely representing your bank – something that goes on all the time, phishing attacks often attempt to imitate you bank to obtain financial information. Your bank will never phone or e-mail you and ask for this kind of information.
- Charitable donations – donating to a COVID-19 relief fund (or any charitable cause) may seem like a great gesture but be wary. Make sure you are donating through authorised charities and are not giving a scammer your details.
- Illegitimate websites – scammers are opportunists, they will use this current global crisis to capitalise on our needs. If you are buying medical supplies (such as hand sanitizer, face masks, gloves and the like) make sure you are buying from a reputable source.
How can I avoid them?
Avoiding phishing attacks can be easy, if you know what to look for!
- Scammers will often imitate authoritative bodies through e-mail or text, always check the sources by visiting the official website of that body.
- Do not click on that link! Never click on the link in an e-mail or text message without first confirming the legitimacy of the source. These links can take you to illegitimate websites or even trigger a download of a virus, an example can be seen in the text message here.
- Look for spelling, grammar and formatting mistakes. These are often obvious signs of a fraudulent e-mail or text message.
- Are you expecting that e-mail, text or phone call? Is it something you signed up for? Thieves are opportunists and will take advantage of our current global situation. Be wary of anything that comes “out of the blue”.
How can I protect my business?
Fraudsters will often target businesses, it’s an easy way to hit a large group of people and in particular those in managerial or finance roles are those of most interest.
Protecting your business is a combination of factors, ranging from network and endpoint security to user education and training. Here a few bullets points on what can be done to protect your business from this kind of attack:
- E-mail filtering – purchase a stringent and trusted platform to filter out this kind of e-mails before they even reach end users.
- User education and training – educate your users in what to look for. No e-mail filter will catch everything nor will it be any use against phone calls or text message attacks. Make sure there is a clear and well-known process to report this within the business to the relevant IT security person/s.
- Endpoint protection – all devices should have some form of endpoint protection. This will help in the fight against anything that “slips the net” and tries to open on a device.
- Back-ups – there should be a regular set of back-ups maintained that a business can fall back on in a worst-case-scenario which should form part of a disaster recovery plan.
Finally, and most importantly…. Find the right IT partner! The right IT partner will advise and assist in implementing all of the above steps. They will have partners and processes in place to make sure your business does not suffer from the acts of one of these scammers. Here at AgosIT, we have decades of industry experience to avoid this happening to your business and are always on the front foot in the fight against fraudsters.
For more information on how we can help you today, please contact us today.