Knowledge is power, and knowing how to identify potential phishing emails and spoofing scams can help you, your business and your employees dodge the proverbial bullet of identity theft. It’s no laughing matter. Sure, they’ve made a funny movie about identity theft, but the fun stops when it’s your identity being used for ill-gotten gains. It can take months, or even years, to undo the damage one phishing email can cause — so how do you protect yourself and your business interests against such threats?
Let’s first take a look at what phishing and spoofing scams are. Though definitions vary, these types of scams are when identity thieves pose as a legitimate company and send emails asking for personal information. They ask email recipients to reply to the fake email or direct them to a website that looks legitimate, but is far from it.
So how do you fight against these types of communications? One simple word — education. The better you and your employees are at identifying the red flags of a phishing scam, the less likely you are to fall victim to such an attack. That’s why PayAnywhere created a dedicated Web page detailing what to look out for, and how to act when, and if, you get a suspicious-looking email. Here is a quick snippet of how to spot a scam from the new PayAnywhere page:
Requests for personal information: We do not ask you for sensitive information via email, such as your password or Social Security number. We do not send communication that will claim to close your account if you do not verify your personal information.
See all the red flags, and how to protect your online PayAnywhere account by clicking here.
Phishing emails are just the tip of the iceberg for identity theft scams. From old-school dumpster diving to low-tech shoulder surfing and high-tech schemes like pharming, the Center for Identity Management and Information Protection (CIMIP) has tips on how to avoid falling victim to these and the other schemes.
Three scams business owners should look out for include:
Mail Theft — Thieves target your mailbox and remove mail without your knowledge. They’re looking for things like credit card bills and bank statements where they can gain access to sensitive information they’ll use to steal your identity. CIMIP recommends you monitor your mail. If you suspect someone is stealing it, contact the post office as soon as possible. If it continues to be an issue, it’s recommended you get either a locking mailbox or rent a box at the post office.
Pretexting — This is where the thieves have done their homework on you and know some of your personal information. They are hoping when they contact you, you’ll take the bait and give them even more personal information over the phone. To prevent being a victim of pretexting, ask for a call back number and why they need this information. If you’re still skeptical, look up the company’s phone number and call them yourself and ask about the validity of the call you received.
Man-in-the-middle attack — As the name states, there is a man in the middle that intercepts communication between two parties without either knowing it happened. The most common instance of this is when a scammer redirects you to a site that mirrors your financial institution’s website, and as you complete your transaction, it reroutes it to your financial institution in the hopes of gaining personal information, your password, and credit/debit card numbers. One way to protect yourself is to keep a keen eye on the web address bar and if anything seems out of place, close the browser immediately.
No matter how well you protect yourself, your identity can still get stolen. So what should you do if it happens? The first thing is to report it to local authorities and IndentityTheft.gov. The Federal Trade Commission, which runs the website, also offers a step-by-step recovery plan that will get you in a position to put your plan into action and reverse some of the damage the thieves did.
PayAnywhere is dedicated to helping you protect your most vital information, and that’s why we hope you’ve found this information helpful. If you haven’t already, click here to learn more about the red flags of phishing scams and how to protect yourself against them.