Cybersecurity and Protecting Your Information: Sign Up for the KnowBe4 Weekly Newsletter So You’ll Stay in the Know
Cybersecurity and Protecting Your Information
Sign Up for the KnowBe4 Weekly Newsletter So You’ll Stay in the Know
By Martial Frindethie
Cybersecurity is a top concern for everyone nowadays. Cybercriminals are targeting our most used forms of communications from emails to texts and even phone calls. Unfortunately, it’s nearly impossible to completely avoid being targeted by malicious scammers, but there are red flags you can look out for to lessen the chance you’ll fall victim to them. In this brief post, I offer a little background on phishing, a common cyber scam, as well as share two common phishing scams and the red flags that will help you protect yourself against them.
What is Phishing? A phishing email or text is a type of social engineering attack that attempts to steal your money or your identity by getting you to reveal personal information on websites that pretend to be legitimate. The communications often look like they are coming from legitimate sources and often include links or attachments that, once you click, will deploy malicious software (viruses) on your device. Phishing occurs via email and text so beware of suspicious links in both.
Red Flags to Spot a Phishing Email or Text
- Look for misspellings in the sender’s email address or body of the email or text itself.
- Avoid clicking on any links or attachments in emails/texts that you were not expecting.
- Always contact the sender via a known phone number to confirm it is legitimate before clicking on any links or attachments in the email or text.
Two Examples of Recent Phishing Scams
These are two examples of recent, prominent cyber scams that a cybersecurity awareness company, KnowBe4, found cybercriminals use to try and gain access to people’s accounts:
1. Healthcare Reimbursement Phishing Scams
Cybercriminals send phishing emails that appear to be related to an active reimbursement request. The emails usually ask you to verify some identifying information to finish processing the request. If you provide this information, cybercriminals can use it to gain access to your account by verifying your identity. They can then update your direct deposit information to redirect payments to their own bank accounts.
2. MFA Prompt Bombing
Multi-factor authentication (MFA) or 2-Factor authentication (2FA) provides an extra layer of security for your accounts. Cybercriminals can use an attack method called MFA prompt bombing to get around the MFA protections and overwhelm you with prompts via email, text message, or phone call. The cybercriminals may attempt to log in to an account using your credentials. Then they’ll request a phone call MFA verification, which is sent to the phone number you use for MFA. The cybercriminals will often request these verifications late at night when you’re asleep and unprepared. If you accept the phone call and press the button to verify your identity, you may grant the cybercriminals access to your account.
Want to Receive the KnowBe4 Newsletter Directly?
To receive a short weekly newsletter from KnowBe4 with tips and tricks to avoid the latest cyber scams like the ones I spotlight above, please email me at Martial@MillstoneEvansGroup.com and I will have you added to that newsletter mailing.
Finally, with so many ways for cybercriminals to trick you into giving personal information away, click here to read how Raymond James helps us protect our clients’ privacy.
