It’s that time of year – next Monday is “Cyber Monday,” meaning many people (possibly your employees) will be rushing around on the Internet, quickly clicking on links to obtain great deals while holiday shopping. They will be clicking on ads, signing up for discounts and getting emails from all sorts of resellers, and yes – quite often using their work email accounts.
That’s why I thought it was a good time to remind everyone about Internet safety and security. It’s a risky time of year with all of the online shopping and browsing that’s going to happen in the next few weeks.
Beware of Phishing Scams
Phishing is the activity of defrauding an online account holder of financial information by posing as a legitimate company. Here’s some of the ways this can be accomplished.
If you receive an email that contains links and are suspicious, one quick way to see where the link is going to take you before clicking it is to hover over the link and just pause. A little window will pop up showing where the link is pointing. If the URL that pops up differs from the one you see, DO NOT CLICK IT!
We aren’t talking about normal threats, but threats like, “If you don’t click this link and enter your password now, your account will be deactivated.” Always be suspicious of these types of emails. If it is from a company, you should go directly to their website to see if this is a scam. Do not click anything in the email. Again – do not go to the website by clicking a link contained in the email. A common email we’re seeing recently is a notice that you have an overdue invoice being sent to collections – that really makes you want to click the link and get more information. If you fall for this type of phishing scam, you are risking locking down your company’s data and/or your personal identity. Don’t let that person be you.
Big-Name Companies and Common Emails
One of the most popular scam emails circulating is a UPS and FedEx “track your package” email. We all get emails from UPS and FedEx, and this will increase with the holidays approaching. It is natural instinct to click the “track your package” link. Absolutely triple-check these emails and instead of clicking the link, go to the site where you ordered your packages and track it from there.
Be Savvy While Traveling
Anytime you are on a public network (at the airport, for example), it is important to not connect to banking systems or any website where you will pull up confidential information. Without the proper security software and protection, your data, usernames and passwords could be logged.
Microsoft’s new Wi-Fi Sense feature allows users to share their network’s password with a list of friends to give them automatic access. The trouble? Like so many other apps, this one can sync up automatically with your Facebook and Outlook contacts, inadvertently giving the masses of people in your friends list access to your network, and if you’re not careful, access without your knowledge.
Pay Attention to Other Concerns
Most users find strong passwords annoying, but it’s so important to make sure you use a strong password and change it often. Be careful any time you receive an email asking for your password, or encounter someone on the phone attempting to get your password. Please do not post your password on sticky notes on the bottom of your computer or anywhere around your desk.
Keeping your software up-to-date on your computer, tablets and mobile phones is extremely important. Be sure to run Windows updates, and update Android OS and iOS devices as soon as new updates come out. Most of these updates are security-related and released to combat the latest ideas the bad guys have come up with.
Cloud does not mean automatically secure. Please make sure any address where you are entering your password and information starts with https://. Also do your research before choosing an online platform to save your secure documents. The “S” in https stands for secure; remember that.
Fraudulent Phone Calls
Never give someone access to your computer that you do not know and never disclose information over the phone even if the phone number looks legitimate. There is a current phone call going around that appears to be from the U.S. government and they ask you to verify your Social Security number and date of birth. If you fall for this one, know that someone else will likely be using your identity soon. If you receive a suspicious phone call hang up, verify the company is someone you should be talking to then look up the phone number yourself and call back to verify the call was a legitimate one. Remember, the IRS is not calling your cell phone to inform you that you owe income taxes and are about to be charged criminally. My personal creed is to not answer calls from numbers that are not in my contacts. After I listen to one of these fraudulent voicemail messages, my next move is to block the caller.
Do you like to play free games online? Congratulations! You’re a winner and your gift is malware on your computer. Almost every site that has free games or other ‘free’ items still wants to make money and the way they make money is to advertise or infect your computer with spyware. This is the same for free games and tools you download. And this is also the same for emails saying you will win a free iPad if you respond to their survey. Very risky.
As always, if you are suspicious of an email, reach out to Terrapin Technology Group before opening it. No question is a silly one and, like you, we prefer helping you now rather than after a data breach. With the right preventative steps, you can play a role in keeping your network safe and secure.
Happy Thanksgiving from Terrapin Technology – be safe!