It’s no surprise that businesses these days are being run almost exclusively online, whether through e-commerce platforms, digital databases or communications, accounting software, and more. As the real world has made the transition into the digital world, the internet has given many opportunities to people to not only enrich their lives; but also given opportunities for people to use it and scam others for their personal information. One of the most common ways this is done is by phishing emails.
What Are Phishing Emails?
Put simply, phishing emails are sent to people, especially in large organizations (but can affect individuals as well) that look like legitimate emails from well-known businesses or a well-known source, in order to steal your financial or other personal information. They usually instruct you to click on a link to “update” your information, thus giving them the ability to steal your info. These types of emails are scams.
A classic example of a phishing email is one that says something about how you have an account that has been compromised and will be deactivated unless you confirm your credit card details and information. Legitimate businesses will never ask for your credit card number to “confirm” your account. They will however, ask for your credit card at check-out when you purchase something, as any e-commerce platform would.
You may be thinking that because you are a small business owner that phishing emails won’t affect you, but there has been a rise in this type of scam in the past several years.
What About Phishing Texts?
Phishing texts are essentially the same as phishing emails except of course, they are done through text message. They often claim to be from your bank or other organization you are familiar with, and will send you a link with the text saying to update your information. Most people get concerned, naturally, when they see that their bank accounts may be compromised and well-meaning people may follow the link and give their information away to “secure” their account. These texts go out en masse and use several different bank names or organizations in the hopes that whoever they send it to may have an account at that bank or institution.
How to Spot a Phishing Scam:
Phishing emails and text messages often tell a story to trick you into clicking the link or opening an attachment. They may:
• Say they’ve noticed suspicious activity on your account
• Claim there is an issue with your account or your payment information
• Say you need to confirm personal information
• Include a fake invoice
• Instruct you to click a link or make a payment
• Claim you’re eligible to register for a government refund
• Offer a coupon for free items
If you suspect that you are being “phished,” report the email or text message and delete it. DO NOT CLICK ANY LINKS OR OPEN ANY ATTACHMENTS TO SUSPICIOUS MESSAGES!
Protecting Yourself and Your Business from Phishing Scams
Fortunately, there are ways you can protect yourself from these types of scams. Because of how common they are, many email boxes now will recognize that a message is a phishing scam and will send it to your junk mail folder or spam folder. However, just as AI and technology gets smarter when things aren’t working, the people behind these scams may start wizening up too and things may still slip through to your inbox or into your text messages. Below are some additional tips for keeping yourself safe from phishing.
• Protect your computer by using a legitimate security software to protect it from threats.
• Protect your cellphone by setting security software to update automatically which can give you critical protection from scams and other security threats.
• Protect your online accounts by enacting multi-factor, sometimes called “two-factor” authentication which requires that multiple credentials in order to access an account. Sometimes these are passcodes, biometrics, codes sent to your phone and more that deter scammers from getting your personal and financial information. This makes it harder if someone does get your login information, to access your account.
• Protect your data by backing it up to cloud software or a flash/USB drive or external hard drive.
You’ve Been Phished. Now What?
Sometimes despite our best efforts to protect ourselves from scammers and phishing threats, things still get through the cracks. First off, you are not alone and there are ways to regain your identity and accounts, so try not to panic.
• Change all passwords you can think of and set up multi-factor authentication for those accounts if it is an option.
• Disconnect your device from the WIFI network (phone or computer)
• Run a virus scan
• Inform the legitimate company that you’ve been phished and let them know what happened so they can investigate.
• Be aware of identity theft. Check your credit report regularly to see if new accounts that you are unaware of have been added and keep an eye on credit card and bank statements to ensure there has been no unauthorized spending or purchases.
For more information and steps to take to protect yourself if you have fallen victim to a phishing scam, click here to visit identitythefy.gov, an official government website to see what other steps you can take.