I’d Rather Not Be Caught Phishing

Like you, technology impacts all parts of our business, and one thing we’ve noticed recently is an increase in “phishing” attempts.

Phishing is a practice bad guys use, sending emails or text messages that appear to be reputable to induce individuals to disclose information like passwords or credit card numbers, or grant access to the company’s network.

“Business all over the world are struggling, and to be honest, individuals as well,” said Hoffman Development Director of IT AJ Davison. “It is social engineering. To gain access, you need somebody on the inside to help you.”

According to the Federal Trade Commission, “Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may

• say they’ve noticed some suspicious activity or log-in attempts
• claim there’s a problem with your account or your payment information
• say you must confirm some personal information
• include a fake invoice
• want you to click on a link to make a payment
• say you’re eligible to register for a government refund
• offer a coupon for free stuff.”

Davison says education is the number one step you can take today to help combat your employees from getting trapped.

“Let your people know what the risks are,” Davison said. “It’s not just customer data, but also their own information — Social Security numbers, first name, last name, address, etc. Probably a bank account is stored somewhere in the company’s system.

“It’s about making your employees aware that it’s bigger than just the business. Start there and use examples of a phony email. Verify the person on the other end of the phone is who they say it is. Training is absolutely the number one thing.”

Need a place to get started? Davison shared this video with Hoffman Development early in 2021.

According to the FTC, you should take the following steps if you responded to a phishing email.

If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.