Phishing: the new internet pastime

For many, fishing is a relaxing recreational sport.  Growing up in Missouri, I was fortunate to have a lake on our property and my love for quality fishing rods, beautiful lures and even stink bait became an important part of my pastime activities.  A bad day of fishing is time well spent.

Today, there is a new type of pastime called “phishing” and it has nothing to do with reeling in bass, crappie or trout.  Phishing scams are attempts to defraud online account holders of their financial information by posing as a real company.  What we once thought was just folks taking advantage of the elderly is now a very real and scary business, with more than 120,000 unique phishing attacks worldwide and more than 750 targeted institutions, the highest the APWG (an internet policy committee) has ever seen.  This is very real and affects all of us.  This internet pastime activity needs to be understood more deeply by the financial services community.

Phishers are strategic criminals.  Shrewd and decisive, they use scam campaigns to pick off as many of us as they can to gain access to our private financial information, and, for fun, many drop malware viruses onto our computers to make them crash and burn.  They will stop at nothing.

Some examples of phishing scams include:

  • You receive an email from your bank asking you to reset your password.  Should you click the link?
  • You receive an email security notice from your IT Department with a link to find out more information about a privacy breach.  Should you click the link?
  • You receive an email saying your iPhone was recently accessed and to click a link to reset your PIN code.  Should you click the link?

Overwhelmingly, I’m going to say in EVERY situation where you feel something looks “off” – it probably is.  Never click links.  Never download attachments.  Never reply to sender.  Just delete the email immediately and notify your IT department (if applicable) so they can research.

Some tips to avoid phishers are:

  1. Use your SPAM folder.  It is there to protect you.  Block anyone whose email address you don’t know.
  2. Don’t send personal information through emails.  Well, that’s hard with the financial service work we do, eh?  If you have a way to use encrypted email, use it!  Otherwise, pick up the phone and call.
  3. Never click on links in email.  Ever.
  4. Beware of pop-ups.  If they do pop up, do not enter information in them.
  5. Remember, you are always the target.  Phishers are very smart; they will continue to hit you with all they have.  Always be on alert!

To drive these tips home, Twitter recently put their staff to the test.  I don’t know about you, but I’m thinking an internet company would be pros at detecting phishers, right?  They wanted to see how many would fall for different types of phishing scams.  With so many big brands under scrutiny for compromising their customers’ data, Twitter took a proactive approach and said, “Let’s see which employees know phishing scams and which ones don’t.”  Their newer employees failed, their seasoned employees rocked.  Using these scam emails as a pop quiz, Twitter was able to then see where continuing education was needed and apply accordingly.

I don’t share this to scare you from ever doing business through email again.  I share this to make you more informed about the target on your back and on your clients’ backs.  Be smart about email, use it wisely and keep your identity and financial information safe through encrypted email systems and by modifying certain online behaviors.  It’s always better to be safe than sorry.

Be bigger, better and more BIONIC today!

Sheryl Brown / @BIONICsocialite
