Dec 07 in blog
Written by: ITworks Marketing
One of the top cyber crimes, and the most lucrative, are phishing scams. Large corporations such as Sony have been compromised and accounts of these types of cyber crimes are being reported at a high rate. Phishing scams are just as dangerous to small business owners as they are to large corporations.
The Internet Crime Complaint Center, a collaboration between the FBI and the National White Collar Crime Center (NW3C), received over 300,000 complaints in 2010 from both individuals and small businesses that have been victims of online phishing scams and other Internet related crimes.
To give you a better understanding as to why your small business is of great appeal to a cyber criminal, let’s take a look at what phishing is exactly.
What is phishing?
Phishing is the act of attempting to get personal data such as usernames, passwords, credit card and banking information. This is easily done by creating fake websites, logos and email addresses and phone numbers. The victim is compelled in some way to reveal private information such as social security numbers and or other information that can be used to steal their identity. In the case of a small business, the phishing scam may be used to attain customer credit card numbers.
Examples of small business phishing scams
Thousands of small business owners have been sent emails by an entity using incredibly authentic IRS-looking letters stating that W-4 forms or other additional forms must be filled out and returned via fax. This frightened many owners into believing they would be audited or penalized by the IRS for not handling the issue immediately. Unfortunately, they were fraudulent emails and these companies were fooled out of their personal information.
The IRS states on it’s website at IRS.gov, that it will not initiate any contact by email and that you should never click any links on an email sent to you asking you to send anything to the IRS.
Your company email can be a target
Thieves can gain access to a business by focusing on a particular individual by sending them fraudulent emails that conveys a professionally sincere image. Most of the time these emails will contain a computer virus or malware. It has the ability to infect a company’s entire network, which allows thieves to gain access to confidential data.
Phone phishing
There are also a number of “phone phishing scams” where fake messages from your bank, for example, ask you to call a phone number and enter your account information.
How to protect your business against phishing
The Anti-Phishing Work Group offers great advice on how to keep your small business from becoming a target of phishing. Here are several of their tips:
- Make sure your employees are aware of what phishing scams are, and are cautious when reading and responding to suspicious emails. Always err on the side of caution. Instead of clicking a link, open another browser window and go to the official website.
- Never give out company financial information such as bank routing numbers to an inquiry made via email. Your bank does not need you to confirm your account information…they already have that. An email like that even if it has your bank’s logo is a fake. Make it a habit to check your accounts regularly for suspicious charges and withdrawals.
- Make sure every computer used has up-to-date virus and malware protection. Schedule regular full system scans. Never download “anti-virus” software from an unknown entity. It’s better to stick with trusted brands.
It is nearly impossible for law enforcement to stop phishing, so the best method of defense is the education of your employees for identifying, dealing with, and staying up to date with phishing scam trends.
