Phishing Scams Employees Must Avoid

In 2020, security threats have risen to an all-time high. Many of these threats come in the form of phishing scams. Phishing scams trick you into exposing sensitive information like passwords, account numbers and other personal information. 

This information in the wrong hands can be detrimental to any individual or business.  Scammers commonly pose as an individual or institution that you trust. For instance, they may do so through fake emails, websites, or social accounts. Commonly, they will assume the  identity of your bank, an online store you’ve purchased from, a government agency or even a coworker.

Top phishing scams of 2020

Scammers are constantly finding new ways to deceive innocent people. They change their tactics often to catch their unknowing victims off guard. As a result, thousands of phishing attacks take place every day. Here are some to watch out for:

  1. Typosquatting 

Hackers will buy domain names of common misspellings for reputable companies. For instance, to target Apple Customers, a hacker might purchase the domain “www.Appl.com”. Moreover, they can build a site that looks legitimate to any visitors unlucky enough to find it. That site could lead to malware being downloaded onto a device. Additionally, it may result in your information being collected during an attempted log-in.

  1. Fake Log-In Pages

Fake log-in pages mimic trusted sites like an email account. They can be fairly difficult to distinguish from a valid page. As a result, login credentials can easily be compromised. This is perhaps the easiest way for a hacker to gain access to an account.

  1. Business Email Targeting

Business email targeting is a phishing tactic focused on specific people within an organization. Technology and financial companies are the most frequent targets. Once scammers have gained access to specific business emails, they can use deceptive tactics to reach key stakeholders. As a result, they can extract business or personal funds from their intended victims. This type of phishing has risen with many employees working from home. We explore similar challenges and offer tips in a recent blogpost on cybersecurity tips for remote work.

  1. Deepfake Scamming

Deepfake technology uses artificial intelligence to manufacture fake audio content. In 2019, deepfake technology allowed scammers to extract nearly a quarter of a million from the CEO of a UK-based company. Similar scams will only rise in the approaching months. 

Can you stop phishing attempts?

The best way to stop phishing attempts is to ensure a secure network. Firstly, speak to your managed service provider or in-house IT team about how to properly safeguard your business from such attacks. If you don’t have a designated team to handle this, we’re happy to help. You can schedule a consultation today with a Starfish specialist to address all of your current security needs.

However, even with security systems in place, there is still a chance of some phishing attacks being successful. Secondly, you should always remain cautious of any suspicious emails and learn to recognize indications that an email is fraudulent. Be aware of language that is incongruent with the supposed sender.

Thirdly, start using multi-factor authentication for added protection. This protocol requires additional credentials outside of a username and password to access an account. These additional credentials form another security layer that is unlikely to be accessed by scammers.

Navigating the cyber world becomes more difficult each day with rising attempts from scammers. Stay updated with scams that are currently circulating. This will ensure you protect yourself and your business.