SUBJ: GOOD NEWS!
From: Teste AM <email@example.com>
This is to officially inform you that you have $500,000.00 waiting for pick-up at Western Union from the Heritage Foundation and we have also register online your first $50,000 transfer, kindly visit western union online or click on the direct link https://www.westernunion.com/global-service/track-transfer to track your first payment with the Mtcn details below.
And kindly write back to us to furnish you with the remaining pick-up details.
The above is an actual email one of our clients received earlier this month. Fortunately, Outlook flagged it as spam and the client knew not to respond. (They only forwarded it our way because they thought it was funny – and so do we!)
This email is a prime example of one of the most common scams circulating on the Internet today: a large sum of money promised for no reason, with a fishy link to follow to “claim” the first payment. Internet scams tend to follow a few familiar trends:
- They’re digging for personal information through a phishing scam. Phishing scams can range from fake surveys to spoofed links to infected downloads and more. Recently, CEO fraud has become a popular tactic among scammers. The scammer creates an email that looks close to the real email address for the CEO of the company (something like firstname.lastname@example.org instead of email@example.com), and uses that email to ask employees for information or wire transfers in a hurry. If an employee is in a rush, they may send that info without looking too closely at the email address.
- They’re asking for money, possibly by offering you more. This is one of the most common tactics scammers have used across history, and still use today. They offer a significant amount of money in the form of a wire transfer, government grant, or tax refund, so long as you or your business pay a modest “transfer fee.” That transfer fee goes into a dummy bank account, and the business never receives its grant.
- They pretend to be tech support to get access to your system. Scammers can imitate a vendor, like a telcom provider or tech support agent, to make people trust them more. They claim to be calling from “Microsoft” or “Verizon” to let you know your computer is chock full of viruses, or your business’s phone bill is long overdue. Usually, these types of scammers will give instructions—download a program, follow a link, install an update—that, when followed, give the scammer access to your system. Ransomware typically falls into this category: someone finds a way to take over access to your files, and then demands you pay them money to have the files released.
Fortunately, when you know what to look for, scams like these can be relatively easy to avoid. In general, if it smells fishy, it probably is. Today’s businesses can be especially vulnerable to online scams because there are so many new forms of communication available to us today. As technology has evolved, so have scammers’ methods to hijack systems and access sensitive information.
Here are a few ways to avoid getting swindled:
- Contact your Managed IT provider immediately. If you work with a managed service provider like Grand Technology Solutions, you can always ask for a second opinion.
- Double-check the source. Is the email address correct? Is the phone number the right one, or just close? When in doubt, double-check with the employee or supervisor the message is supposedly from. If it’s a legitimate request, your team will appreciate the extra security.
- If it’s too good to be true, it probably isn’t. If people were just going around handing out $500,000 at a time, we’d have a much bigger office.
- Never send money over the Internet without using trusted payment and transfer systems. Proper payment services use data encryption to protect credit cards and bank info from potential security risks. Wire transfers and other transaction options can feel risky – in general, if you don’t feel safe completing a transaction, don’t follow through.
- Never open attachments. If you’re not sure of the source, don’t open an attachment on a risky email. These attachments can often contain worms or other malware designed to infiltrate your system.
- If you fall for it, change your login information as soon as possible. Mistakes happen! If you clicked on a fishy link by accident, filled out a login page that looks strange on a second glance, or took any other actions that might have put your info at risk, it’s a good idea to change your login just to be safe. Update your password and make sure any connected accounts have been updated, too. And reach out to your managed solution provider right away (that’s us!)
We’ve all heard stories about “lost inheritances” promised to foreign business partners by a Nigerian prince. This scam may be familiar enough that it’s become easy to avoid, but there are still many common Internet and email scams out there that target small businesses and their employees.
With the right protections in place, you and your business can rest easy. GTS’s remote monitoring and management service keeps an eye on your computer network 24/7/365, and we’re able to identify and quarantine threats before they can have an impact on your business. Call us today at (904) 606-6011 or email firstname.lastname@example.org to learn more.