We’ve put together a quick and handy guide to help you stay savvy when it comes to fraudsters trying to trick you into sharing information with them.
Social Engineering
Social engineering is the art of manipulating victims to give up confidential information, typically via social media.
There are many different social engineering routes that scammers are taking to try and get money and/or information from you, such as the recent WhatsApp scam which specifically targets parents by posing as their child in a dire situation who needs money sent over immediately, or the cryptocurrency scammers on LinkedIn who are promising to help you invest in cryptocurrency by managing your investment accounts.
Both social media scams are orchestrated to try and swindle money from you! You can combat social engineering in your organisation and teams by:
- Underpinning your operations with a reliable disaster recovery and business continuity solution.
- Educating your teams on what social engineering is, the different attack methods and making sure they have regular training on this.
- Ensuring you have an incident response team in place to put their plan into action should a hacker gain entry to your business.
Phishing Emails
Phishing emails generally appear legitimate and from a trusted source, but there are a few things you can check when a questionable email comes through:
- Check the from address. Often, it’s easy to spot a fake but sometimes you need to take a closer look as there may be small differences such as ‘company.name@’ to the fraudulent ‘company-name@’
- Has it been marked as urgent? This is a known tactic to instil panic and is more likely to cause you to make a mistake. Instead of acting on impulse, take a step back and question the authenticity.
- Spelling & Grammar – Does their style of writing seem different than usual? Simple typos and poorly constructed sentences that don’t make sense are an easy way to filter out a dodgy email from a legitimate one.
When in doubt – ask! An easy way to avoid falling for these tricks is by calling the person who the message has allegedly come from to check if they were actually the ones who sent it, or if it is indeed an impersonator.