How RMTs can avoid getting scammed
To drive business to your RMT practice you likely have your contact information in multiple locations on the Internet: your website, Facebook page, LinkedIn profile, and the like. As a result, you receive many email inquiries from potential clients and are accustomed to opening messages from people you do not know. This is exactly the results you are wanting, but it comes with some risks. Not only is your email address available to new clients, it is also exposed to online predators who are out to do you harm. Therefore, email from unknown sources should be handled with care.
By Jessica Foster
Let’s look at some of the techniques cyber criminals use and how you can avoid them.
Phishing is a method cybercriminals use to obtaining confidential information that can be used to harm you. Just as a person might use bait to entice a fish to bite the hook, phishing uses counterfeit email to trick you to give up confidential information.
Phishing scams are often intended to steal passwords, obtain banking and credit card information, enable identity theft, encrypt your data and control your computer without you knowing it. This is often done by tricking you (knowingly or otherwise) to install malicious software (malware) onto your computer. Once installed, this malware can steal your personal information or lock you out of your computer, holding your data for ransom. These are just a few of the consequences of a phishing attack.
Recognizing phishing email
Phishing attacks are typically executed in an email or text message. They can be sent randomly or specifically targeting you. Social engineering is oftentimes employed – gaining your confidence and tricking you into the fraud. In specific attacks against you the phisher may know more about you than you would believe. Your website or social media presence can be used to identify you, your interests, and your potential vulnerabilities.
Here are some warning signs of phishing e-mail.
1. Using a generic greeting. Phishing emails, like other forms of spam, are usually sent in large batches and are not typically personalized. If you are not addressed by name, be wary.
2. Spelling mistakes in content. Cybercriminals are not always spelling or grammar experts, a real bank would not allow a correspondence to their clients go out with errors in it. If you see obvious spelling mistakes, it may not be legitimate.
3. Spoofed link. While the text used for the link may look legitimate, it doesn’t mean the underlying link is. Mouse over the link and see if the destination URL matches what appears in the email. If not, don’t click.
4. A time limit with an intimidating consequence. Cybercriminals want you to act now by leading you to believe something bad will happen unless you act immediately. Don’t fall for this tactic.
Phishing scams will continue to become increasingly sophisticated. A good rule of thumb is, if in doubt, throw it out (hit delete).
How to avoid being scammed
Educate yourself on how to recognize phishing email characteristics. Then, ensure all your staff is trained to recognize phishing attempts and know what to do when they suspect phishing. Here are a few best practices to follow:
• Use caution when opening emails from unknown or untrusted sources
• Do not click on links provided by unknown or untrusted sources
• Perform regular data backups to external mediums (i.e. separate computer drive). After backing up your data disconnect the external drive from your PC.
• Do not allow untrained or untrusted persons to use your PC
• Lock your laptop and desktop PC and smart cellphones
• Purchase anti-virus software and get the updates
As Benjamin Franklin once stated, “an ounce of prevention is worth a pound of cure.” You can do yourself a favor by dedicating time to research and further study on the matter of phishing.