Certified and Verified Service-Disabled Veteran-Owned Small Business (SDVOSB)

Need The Best IT Services In Colorado Springs?
Call Us Today!
(719) 355-2440Key Points
Phishing scams are becoming more common and can take many forms. According to Expert Insights, 80% of companies have seen an increase in email phishing attacks since March 2020. This article will explore phishing and how businesses can guard against it.
Hackers and scammers use a variety of methods to fool people online. What sets phishing apart is that it involves messages that purport to be from a trusted source. It may be a phishing scheme if you see an unusual message in your email or social media supposedly from a friend, colleague, or financial institution. The goal of phishing scams may be to install malware or a virus on your computer, convince you to make a payment or obtain confidential financial information such as bank details.
There are several types of phishing. These terms are all taken from actual fishing and describe different ways scammers can capture important data. Email phishing, the most common type, usually involves sending bulk emails and hoping some recipients will be fooled. These emails appear from reputable companies such as a bank, PayPal, or Amazon. One way to spot these emails is to look carefully at the recipient information and the email body. Phishing emails often contain spelling mistakes, unusual fonts, and random characters.
Other types of phishing, such as spear phishing and whaling, are more targeted. These messages are directed at a specific individual, such as an employee or officer in a company. Whale phishing targets high-ranking corporate officers such as the owner or CEO.
Small Business Trends reports that phishing attacks are common on social media, with 71% of companies experiencing social media attacks in 2021. Because of its B2B focus, LinkedIn makes up most of these attacks. It’s important to inform employees to be cautious when interacting on social media. Many attacks pretend to be from a contact.
Use common sense before sharing information with anyone you don’t know well. Spearing and whaling are longer and more involved scams. They are more like online versions of old-school cons. The scammers may research the target on social media and other sources. They may connect with you on LinkedIn or Facebook. This can make it easier to gain the target’s trust before getting them to reveal sensitive information. Don’t respond to direct messages from unknown recipients. It’s safer only to accept contact requests from people with whom you at least share some common contacts.
In the informative video, North Carolina CPA Gives Advice On How To Protect From Phishing Scams, Kevin Bassett discusses the dangers of fake invoices and payment requests. He advises businesses to have a verification system where employees must check with someone in authority before sending payment.
A popular variation on this scam is a fake PayPal (or other payment processing) invoice. These invoices may look legitimate and appear from companies you work with. However, employees should be on the lookout for any irregularities. For example, if the amount is unusual, sent at an unusual time, or if you’ve already paid the invoice. If an employee has doubts, he or she should ask a supervisor or owner. You can always call the company that allegedly sent the invoice for verification.
Ensure all employees know what they may share and with whom. Creating data classification categories such as public, internal, classified, or restricted is useful. A data classification policy won’t, by itself, prevent all phishing efforts. It will clarify what kind of data they should never share.
One of the most common ways hackers can steal your data is by clicking on a link, whether sent in an email, social media post, or messaging app. Don’t click on anything or reply if you have doubts about a message. Rather, open a new browser page and bring up the company’s website.
Phishing scams are designed to get victims to react without thinking. They often do this by saying you need to take urgent action to avoid a serious problem. On the other hand, they may also create a sense of urgency to seize an amazing opportunity before it’s too late. In either case, you rarely have to respond to a message immediately. Whoever gets the message at least has time to check with a manager or owner, call the company, or log onto their website in a new window.
Keep these tips in mind and share them with your employees.
Phishing scams are likely to be around for a long time. The most you can do is be aware of them and do as much as possible to avoid them. Being alert and vigilant can prevent the vast majority of phishing attempts.