Don’t be fooled by phishing: 3 ways to protect yourself

Recently, we received a questionable email from one of our clients. The email was from LogMeIn requesting that the client renew their subscription. Upon initial inspection, it looked legitimate! It even included a disclaimer. However, the office manager who received it wasn’t so sure. It didn’t seem right, so she forwarded it to us to investigate. We’re glad she did. The email was in fact a “phishing” email meant to trick her into giving them credit card information.

So what is Phishing?

According to Symantec:

“Phishing is essentially an online con game and phishers are nothing more than tech-savvy con artists and identity thieves. They use SPAM, malicious Web sites, email messages and instant messages to trick people into divulging sensitive information, such as bank and credit card accounts.”

The bad guys do it by crafting an email (or website) that seems legitimate and authentic. The whole goal is to get you to submit your personal, sensitive, and/or financial information.

Here are 3 ways to protect yourself, if you receive a suspicious email or visit a suspicious website.

3 ways to protect yourself

  1. Have a good Anti-virus/Anti-malware program installed

    • One that includes the following features:
      • Email Protection: “Email Protection” moves any suspicious email and SPAM to a junk folder for your future review.
      • Safe Surfing: A “Safe Surfing” feature attempts to identify each website you visit and verify if it’s a known suspicious site and scan any downloaded files for viruses.
  2. Trust your instincts

    • While the above-mentioned Anti-virus/Anti-malware program will go a long way in protecting you, it still requires due diligence on your part to recognize when things just don’t seem right.
    • Go with your gut! If you feel something about it isn’t right, it most likely isn’t. Trust yourself, you know best.
  3. Go to the source

    • If you need to verify the details, go to the source directly by contacting the company using the information you already have on file or find the contact information independent of the email received or website encountered.
    • DO NOT use the phone numbers or links provided within the email or website.
    • If you’re really unsure, contact your trusted IT provider. They can assist you with verifying its authenticity.

As for our client’s situation, since we help manage their LogMeIn accounts, we went to LogMeIn’s website directly and obtained their telephone number from the Contact Us page. Upon calling, we were quickly informed that they were aware of the “phishing” emails and had already received numerous calls. We then reviewed the overall account details. All is well. They are good-to-go. 🙂

While it did take some time to validate the legitimacy of the email, it pales in comparison to the time, money and sense of security lost from handing over one’s personal, sensitive, and/or financial information to a thief. The peace of mind and relief felt from avoiding this situation is well worth the small investment in time and effort.

Lastly, education is the best prevention. Advise your staff and co-workers of these dangers. Share this article. Every investment in the knowledge you share will continue to keep your business and practice safe, secure and productive.

Committed to your success

Perry
