Phishing is a major problem, not only for individuals but also for businesses. And it’s just one type of scam that falls under the heading of “social engineering” that can steal your information, take your money, and threaten your company’s very existence. No matter what your business, it’s important to know what these scams are and how to avoid falling prey to them.
Get Your Systems Ready
It’s extremely unlikely that any unprotected business would get by very long without being approached by a scammer. The best thing you can do is to assume that there will be criminals trying to defraud you, then set up your I.T. systems accordingly. Here are some things you’ll need:
- Secure servers.
- Anti-virus software.
- Spam protection.
- Data encryption.
- Phishing testing.
- Intrusion testing.
- Mobile device management.
- Reliable I.T. support.
Recognize the Scam
If you can recognize a social engineering scam at the first sign of trouble, you have a much better chance of avoiding it. The scams can be laser-focused on one individual or company, or they can be mass scams directed at many people or businesses.
Nearly all social engineering scams follow four basic steps.
- They start by getting your information. This begins with obtaining your email address or phone number.
- Once they’ve got basic info, they steal your passwords.
- They look for your vulnerabilities and exploit them.
- Finally, they pull off the scam.
Some types of scams that fit this description include:
Prepare Your Employees
Often, it’s your employees who fall for the scams, either because the company has no policies and procedures that cover them, or because the employees aren’t properly trained to recognize the signs of a scam. The first thing you need to do is to train them in recognizing and responding to the different types of scams. It’s also a good idea to write a guide for your employees that lays out what to do with sensitive information.
So, how exactly can you and your employees avoid getting taken by a scammer? Here are some things you need to know and teach your employees.
1. Beware of Unexpected Emails
It’s always important to be cautious about opening emails. When you get an email you aren’t expecting, be doubly suspicious.
Here are some simple tips to use when you receive an unexpected email:
2. Deal with Links Properly
Links offer a handy way to direct someone to a website they need to access. Unfortunately, cybercriminals use links in various ways to guide you where they want you to go instead. If they take you to a fake site, they can more easily get your private information or cause you to download malware.
To make sure you aren’t misled, you can mouse over a link to see if it’s going to take you to the site that’s shown in the email or on the webpage. Another way to be sure is to simply type the URL in yourself rather than clicking on the link. Always be suspicious of shortened links in emails, on social media, or on webpages.
3. Look for Clues
Email scams of all types are often easy to spot. There are several clues in the wording of a fraudulent email.
Here are some to watch for:
4. Use Secure Browsing When You Can
Secure browsing allows you to work far more safely.
There are several ways to do it:
- Choose secure websites that include https (note the “s”) at the beginning of their URL and show a security lock icon.
- Avoid using unsecured Wi-Fi for any tasks that involve sensitive information.
- Make sure your mobile device is on 3G or 4G or has an LTE connection.
5. Rely on Knowledgeable I.T. Experts
Scams directed at a large number of people are often identified by people in the I.T. field as they are happening. By working with a knowledgeable managed services company, you can be sure you’re alerted to any known threats.
6. Report the Scam
If you recognize a scam, it’s always important to report it. An unreported scam is just another invitation to scammers to keep doing what they do. By letting the authorities know about the scam, you reduce the chances that a scammer will achieve their goals.
Even if you yourself are safe, reporting the scam can help other companies avoid scams. You might even help catch a cybercriminal and put them out of commission. If businesses work together to reduce the threat, the internet landscape will be far safer.
Phishing and other social engineering scams can cause you significant trouble personally and in your company. To avoid them, put the right I.T. systems, software, and policies in place. Learn what the scams are and how to recognize them. Train your employees to watch for scams and respond appropriately. Get information on specific scams from your managed services provider. Finally, increase everyone’s safety by reporting every scam you run across.
Don’t wait for a phishing attack to steal the information you most want to protect. Talk to JMARK to create a plan for developing more secure systems, procedures, and policies that will keep your company running strong, unhampered by social engineering fraud. Call us at 844-44-JMARK, email us at jmarkit@JMARK.com, or send us a message on our Contact Us page of this website.
JMARK is based in Springfield, Missouri, with offices in Tulsa, Oklahoma, and Fayetteville, Arkansas. We have been helping businesses maintain their I.T. and protect their digital assets for more than thirty years, and were recently named one of the top I.T. security providers in the world.