The COVID-19 pandemic is disrupting businesses everywhere. Many of you are working hard to keep your businesses operational and your staff safe. Unfortunately at the same time, cyber crime is on the rise. In fact, since the pandemic started in Canada, cyber breaches has increased by over 350%.
Employees are ultimately the first line of defense against cyber crimes.
We encourage you to advise your staff to be very careful in their computer work. They should watch what they open, click on or download.
PHISHING ATTACKS CATEGORIES
- Tricking users to pass on sensitive information via spoofed sites. In this scenario, compelling communication messages are sent to entice the user into visiting third party, data harvesting sites.
- Getting the user to install malware through a click in a communication. In this scenario, the criminal entices the user to click on a download link that in turn installs malware.
WARNING SIGNS WHAT TO WATCH FOR
- Incorrect spelling, grammar and punctuation
It is very likely that any email that contains poor grammar, punctuation or shows an illogical flow of content is likely written by scammers and are fraudulent.
- Asking for personal information
Established companies with sound technology platforms never ask you for sensitive information via email. Any messages asking to enter or verify personal details or bank/credit information should be a big warning sign of fraud.
- Alarming content full of warnings and potential consequences
Hackers often send messages outlining an extreme condition that puts you in panic mode. These could include messages such as “one of your accounts has been hacked” or“your account is expiring” or “you may lose some critical benefits immediately” to name a few. The goal of these alarming emails is to get the user to take some form of immediate action.
- Urgent Deadlines
An email outlining a pending deadline is another technique used by hackers. Items like validity discounts on a given deal or some form of renewal such as annual updates are typical. Once received, the information ends up in a data harvesting site with the personal or financial data ultimately stolen.
- Offer of large financial rewards
Any time you receive an email communicating to you that you have won a lottery or you will receive a large cash discount or prize money, all not associated to anything you have ever purchased indicates a scammer looking to direct you to a site so they can get your personal or financial information.
THINK BEFORE YOU CLICK!
- If on trusted sites, it is fine to click on links
- DO NOT click on links that are part of random emails or instant messages
- Hover over links that you are unsure of before clicking on them. If they are leading where they aren’t supposed to, DON’T click on them
- Sometimes phishing emails mirror an email from a legitimate company right down to the website link. If the email or website ask you to provide personal information where your name specifically isn’t in the email body, it is likely phishing
- When an email starts with “Dear Customer”, it is often some form of phishing
- When in doubt with any email, pick up the phone and call the sender as opposed to clicking on a link that might be a breach scenario