Posted by: Heather Shy on March 25, 2016 at 2:00 pm
Phishing (pronounced “fishing”) is an email scam where the phisher attempts to get personal or financial information by posing as an authorized user, such as a trusted friend or co-worker, your bank, or a well-known company like PayPal. Here are four common phishing scams and how to beat them:
The Trusted Company Scam.
This usually looks like it’s coming from a well-known and trusted business, such as TurboTax, UPS, or your bank. The email will usually say that you must verify an account or authorize a delivery. It may say that your account will be cancelled if you don’t verify it. There will probably be a link to click on that goes to a copycat site. Do not click the link or log in from it!
Defeat it by opening a new browser window and logging into your account from there.
The Boss Scam.
This email will look like it’s coming from the CEO, CFO or other higher-up in your company. Two forms we’ve seen are the money transfer and the W-2 request. The money transfer email will ask you to transfer several thousand dollars, possibly for a new business venture. The W-2 scam asks for all current employee W-2 forms. Do not create the transfer or send the forms without verifying!
Defeat it by calling or texting the supposed requester to verify before sending any money or confidential information.
The “Help, I Need Money” Scam.
This email appears to come from a friend or relative. It states that they are in some kind of financial or medical trouble, usually in a foreign country. And – you guessed it – they need you to wire them a few thousand dollars immediately. Do not send money to a foreign country without verifying!
Defeat it by calling your friend or relative to verify. (And make plans to do something together – you probably don’t see them enough.)
The Resume or Invoice Scam.
Unfortunately, several of our clients have been hooked by this one. We even get these emails here at TAZ (usually caught by the email filtering built in to Microsoft 365). The email will come through with a subject line referring to an invoice or missed payment. (Sometimes it will claim to be a resume.) There will be a file attached. When you open it, it installs malware onto your computer, which can spread to your network. Do not open attachments from people or businesses you don’t know!
Invoice scam: Do you have a relationship with this company? If not, why would they be sending you an invoice?
Resume scam: Is your business hiring? Are you the hiring person? It’s worth the risk of missing out on a potentially perfect employee in order to protect your business.
Defeat it by not opening the attachment or clicking any links. Microsoft 365 email filtering will allow you to preview these emails before they hit your network, and block the sender if needed.
Think you know a lot about phishing? Take SonicWall’s Phishing IQ Test. And ask us how next-level email filtering can protect your business.