As more businesses large and small have moved parts of their operations online during the COVID-19 pandemic, employees have become increasingly vulnerable to online scams like phishing attacks.
According to the Federal Trade Commission, scammers often use email or text messages to trick you into giving them your private information. Scammers may try to steal your or your employees’ passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to company or personal email, bank, or other accounts. But there are several things you can do to protect yourself.
What to Look For
Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message.
According to the FTC, phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store. Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:
- say they’ve noticed some suspicious activity or log-in attempts
- claim there’s a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you’re eligible to register for a government refund
- offer a coupon for free stuff
Phishing emails can have real consequences for people who give scammers their information. And they can harm the reputation of the companies they’re spoofing.
How to Protect Yourself and Your Company from Phishing
Email spam filters can keep many phishing emails out of your inbox. But scammers are always trying to outsmart the filters, so it’s a good idea to add extra layers of protection. According to the FTC, here are four steps you can take to protect yourself from phishing attacks:
1. Protect your computer using security software. Set the software to update automatically so it can deal with any new security threats.
2. Protect your mobile devices by setting software to update automatically. These updates could also give you critical protection against security threats.
3. Protect your accounts by using what’s called multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in.
4. Back up your data regularly to an external hard drive or cloud storage. Make sure to include your mobile devices too.
What to Do If You’ve Been Targeted by a Phishing Attempt
If you get an email or a text message that asks you to click on a link or open an attachment, first stop and consider whether you have an account with the company or know the person who contacted you. If the answer is “No,” it could be a phishing scam. Look for the signs above. If you’re still suspicious, report the message and delete it.
If you think the message may be real, contact the company using a phone number or website you know is real. Do not use the information in the email.
What to Do If Your Data Has Been Compromised
If you think a scammer already has your private information or your company’s information, go to IdentityTheft.gov. You’ll see specific steps to take based on the information you lost. If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.
How to Report Phishing
If you got a phishing email or text message, report it. The information you give can help fight the scammers. If you got a phishing email, you can forward it to the Anti-Phishing Working Group at firstname.lastname@example.org. If you got a phishing text message, forward it to SPAM (7726). You can also report a phishing attack to the FTC at ftc.gov/complaint.
Boost Your Protection
As phishing schemes and malware continue to increase, you can protect yourself and your business against the devastating losses that can result from cyber attacks.
Many insurers are now offering coverage under the names cyber risk insurance, cyber hacking insurance, or cyber liability insurance. This kind of coverage may help you recoup revenue lost during a cyber attack, recover critical data and restore your operations.
Some crime insurance polices also include coverage for computer fraud and funds transfer fraud. Other insurers offer social engineering coverage that includes phishing-related losses.
Protect Yourself Before, During, and After a Breach
If you process credit cards online, accept digital payments, collect customer data, store confidential information including medical or financial data, or handle other sensitive data, you may need protection.
Cyber insurance can help with the money, time, and resources that may be necessary to recover from an attack. A breach may have exposed customers’ sensitive information, required you to pay for credit monitoring, or exposed you to fines if standards weren’t met. You insurer may be able to help you learn best practices when it comes to data security and keep you up date on the latest areas of risk and how to mitigate risk. They may also be able to help you put together an incident response plan in case something happens. Some insurers provide incident response experts, who can investigate the breach and limit the damage.
Farris Insurance can help you find the right insurance policies for you and your business. Contact us today at (479) 756 – 6330 to talk to one of our agents and find out what’s right for you.