What do these three real e-mails have in common?
- Kohl’s Winner – “Notifications – Re: 2nd attempt for Paul”
- Walmart Stores – “Re: CONFIRMED: Paul you are selected”
- Lowe’s Winner – “Congratulations Paul! You Are The Lucky Online Winner Of A Brand-New Sweepstakes Dewalt Power Station Entry”
No, “Paul” isn’t the luckiest person in the world but, as you might have guessed, the target of cybercriminals.
Recently, there have been hundreds of thousands of fraudulent emails sent out with the aim of deceiving recipients into offering up personal information. This could be something as simple as requiring a Social Security number to "confirm" the receiver's identity before giving them their alleged prize. It could also involve getting access to banking details in order to deliver the supposed monetary reward.
Clearly, they are not utilizing the data for those purposes, yet rather exploiting it to take from your records, take your character or just offer the information on the dark web to others who will think of approaches to use it.
What implications does this have for your company?
According to the Broadcom Security Center, the typical worker obtains a fake e-mail roughly two times a week. This implies that firms with only 10 personnel would be targeted as much as 1,040 times in a single year!
Even though your workers are aware enough to not share their individual Social Security numbers or bank account information, did you realize that a single click on a link in an e-mail can make their computer (as well as every other machine and network that is associated to it) vulnerable to a range of risks?
By clicking on a link, the sender will be aware that the account is active which may lead to more spam messages being sent and make the account more prone to further attacks.
By merely tapping on a link, the worst-case scenario is that a malicious file – such as a virus, malware or spyware – is downloaded and the entire system is put at risk. This malicious file is capable of tracking logins and passwords, as well as accessing client databases and financial accounts.
This could potentially result in a deceptive website (often made to look authentic) where your staff member might unknowingly input sensitive data.
It is clear that none of these results are advantageous for your staff or your business. As per the US Small Business Administration, in 2020, cyber attacks such as this inflicted more than $2.8 billion in harm on small companies, with losses of up to $653,587, based on Verizon's information.
It is possible to keep your staff and business secure from such scams without spending a lot of money. The best way to do this is to educate your employees on cyber threats and implement cost-effective technological measures such as blocking suspicious emails and denying access to dubious websites.
Even though implementing these safeguards is relatively inexpensive, it would be catastrophic for your business if you neglect to provide these types of training and safeguards.
To prevent any of your staff members from being exposed to the more than 1,040 malicious emails they could receive, take a proactive approach and ensure that they never receive these emails to begin with. Additionally, if they do happen to click on a link, the corresponding website will be blocked.
To see how to stop being a sitting duck and instead take control of your security, simply call us at 574-857-4771 or go to https://www.lecsit.com/discoverycall/ to set up a quick call, and we’ll walk you through your options.
*You can check the facts on these scams and get the details. For the one from “Kohl’s Winner,” go to https://www.youtube.com/watch?v=Hu-c_E8tkD0; from “WalmartStores, go to https://corporate.walmart.com/privacy-security/fraud-alerts/; from “Lowe’s Winner,” go to https://bestlifeonline.com/lowes-air-conditioning-message-scam-news/
Also visit:
https://www.sba.gov/blog/protect-your-small-business-cybersecurity-attacks
https://www.verizon.com/business/resources/reports/dbir/2021/smb-data-breaches-deep-dive/
