One of the top cyber crimes, and the most profitable, are phishing scams. Large corporations such as Sony have been compromised and accounts of these types of cyber crimes are being reported at a high rate. Phishing scams are just as dangerous to small business owners as they are to large corporations.
Over 300,000 complaints were filed in 2010 to the Internet Crime Complaint Center, a partnership between the National White Collar Crime Center and the FBI. These grievances were from small businesses and individuals wronged by online phishing scams and a variety of other Internet related crimes.
To give you a better comprehension as to why your small business is of great appeal to a cyber criminal, let’s take a look at what phishing is exactly.
What is phishing?
What does “phishing” mean? Phishing is the endeavor to access private data, such as financial information, usernames, and passwords. This is accomplished by making false websites, graphics, email accounts, and phone numbers. The subject is convinced, by one method or another, to reveal these types of information that may be used to steal their identity (social security numbers are a popular target). For small businesses, phishing scams may attempt to obtain access to customer credit card information.
Examples of small business phishing scams
Countless numbers of small business owners have been sent emails by an entity using incredibly realistic IRS-looking letters stating that W-4 forms or other additional forms must be filled out and returned via fax. This frightened many owners into believing they would be audited or penalized by the IRS for not handling the issue immediately. Unfortunately, they were phony emails and these companies were tricked out of their private information.
At the official website, IRS.gov, the IRS states that it will not contact companies through email first. Beware and use caution before clicking on a link claiming to be from them.
Your company email can be a target
Company emails are easy access for thieves. They can target an particular person by sending him or her an email that looks legitimate, however when they open it, it can release a virus or malware infecting the entire network. The thieves will then have access to employee’s private information and company data.
There are also a number of “phone phishing scams” where fake messages from your bank, for example, ask you to call a phone number and enter your account information.
How to protect your business against phishing
APWG.org is the Anti-Phishing Work Group, and their mission is to provide wonderful advice on how to guarantee your business does not fall victim to phishing. Listed here are some of their tips:
- Make sure your employees are aware of what phishing scams are, and are cautious when reading and responding to suspicious emails. Always err on the side of caution. Instead of clicking a link, open another browser window and go to the official website.
- Never give out company financial information such as bank routing numbers to an inquiry made via email. Your bank does not need you to confirm your account information…they already have that. An email like that even if it has your bank’s logo is a fake. Make it a habit to check your accounts regularly for suspicious charges and withdrawals.
- Make sure every computer used has up-to-date virus and malware protection. Schedule regular full system scans. Never download “anti-virus” software from an unknown entity. It’s better to stick with trusted brands.
The best way to protect oneself and colleagues from these scams is to be aware of the methods one can use to identify a scam and stay on top of the latest news on the issue.