Are you receiving multiple calls from numbers that seem local or familiar — but aren’t? According to a recent Forbes article, cybersecurity scammers and criminals are now taking a different approach to reach your data. Phishing is very last year — now it’s all about vishing. A portmanteau of voice and phishing, vishing uses phone calls through an Internet telephone service (VoIP) to target victims directly rather than using more impersonal technology.
In a vishing scam, attackers will call employees with a ruse or pretext in order to convince the employee into an action such as clicking a file sent in a phishing engagement or providing sensitive information such as a credit card or social security number or important company data. The reason may range from a credit card fraud alert to a free offer or prize announcement, but the aim is the same: conning the target into giving away valuable (and private) information. Though these attackers are very good at tricking victims into a scam, these five methods will help you avoid falling for future scam attacks:
- Don’t answer that unknown number.
- The simplest answer, but also the most effective. If you are hesitant about the source of a phone call, just don’t answer it. The other person on the line will leave a voicemail or try to reach you in a different way if it is really important. By not answering unfamiliar calls, you greatly reduce your risk of a cyber hack and potential bigger issue of a cyber network failure at work.
- Report questionable emails to tech support or cybersecurity
- Phishing emails are one of the greatest threats of cyber hacks. Report emails that seem suspicious or do not pertain to your work immediately to your cybersecurity team or email provider. The cybersecurity team may be able to open files or links on their system to make sure they are not malicious. If the questionable email apparently came from a co-worker, ask them directly (not by email) if they sent the message to make sure it’s legitimate. In any case, do not respond to the suspicious email itself in order to prevent business email compromise.
- Don’t post personal information publicly
- Staying private in a very public world can be challenging, but you don’t have to post everything about yourself on the Internet. For example, use acronyms of the company you work for instead of posting its full name. This can limit scammers’ ability to associate you as an employee of a certain company. Also, avoid putting specific technologies that your company uses on LinkedIn or Indeed, as this provides extra information to hackers and makes you and your company more vulnerable to cyberattack.
- Find a way to get off the call
- Scammers will do anything to keep you on the phone, but if a call seems suspicious, do everything you can to end the conversation. Asking “Can I call you back?” is one excuse to get yourself out of a call with a scammer. If all else fails, simply hang up.
- Use social media controls
- Set privacy controls on all social media. Only publicly post information that can’t be used against you, such as local news, sports and other pages that are inherently public. Set your personal information to only be viewed by you, your friends and friends of friends to reduce access to personal information for potential attackers.
Awareness and training can greatly help in avoiding scammers and cyber criminals. At MDL Technology, your company’s security is our number one concern. By offering services such as 24/7 help desk support, network monitoring and offsite data backups, we help ensure that you don’t need to stress about private information becoming public. Learn more about the services we offer by visiting our website.