PLEASE NOTE: This is most serious. If you are in a real estate deal – or any deal – involving a wire transfer – call directly for wire transfer instructions – as emails have been hacked and money rerouted.!!!
Email Phishing on the Rise: Is Your Mailbox Safe?
By now, most everyone has heard of “phishing,” the act of defrauding an online account holder by posing as a legitimate company or person. Simply put, it’s when bad guys pretend to be someone or something they’re not to steal from you or your company.
They’ll use “spoofed” email addresses, websites and attachments to convince you to give them personal information, financial details, account passwords and even wire transfers. These criminals use advanced tactics and social engineering to learn about you and your company so they can present tailored information you wouldn’t think to double check.
“Spear phishing” is even more egregious, appearing to originate from within your company or your domain and targeting a specific person or company.
Examples can include what appear to be:
- your IT guy asking you to login to a system or website,
- your boss asking you to “open the attached document,” or
- your CEO asking you to initiate a wire transfer to one of your vendors.
Because it’s so effective, phishing and spear phishing attacks continue to rise exponentially.
Part of the problem lies with us. Because we know what phishing is, we think we’re not susceptible — it only happens to other people, to dupes who aren’t paying attention.
But when we think it can’t happen to us, we let our guard down — and then we become most susceptible. Just ask the now-infamous Mattel executive who wired $3 million to a scammer.
“Email is such a common and trusted form of business communication that employees are extremely susceptible to spear phishing,” noted a recent report from Cloudmark, a Rackspace Email Partner and leader in the anti-spam industry. That report found fully 94 percent of companies surveyed acknowledged that their employees have fallen for a contrived phishing attack.
So — still think this can’t happen to you?
What can you do?
This is scary stuff, but you can fight back. If you (and your colleagues or employees) look for the signs of phishing and practice basic email hygiene, staying safe is actually pretty easy. The best way to combat phishing is just exercising common sense.
Here are a few tips to keep you on your toes.
Do not share personal information! EVER!
This really cannot be emphasized enough. Never respond to an email with personal information, financial information or passwords. Ever. Think about the risk-to-reward ratio. Is the upside of quickly sending this info worth the risk? Remember — NO reputable company will EVER ask for these details in an email.
Let me add my two cents here. The other day a friend was reading me a meme – it was something silly like what is your Leprechaun Name? As she read it to me – it occurred to me – those were password retrieval questions! What street did you grow up on? What was the name of your first pet????? Out of context and without the silly meme before my eyes – hearing those questions made me realize it was a red flag! SO DON’T SHARE PERSONAL INFO ONLINE!
Visit websites directly from browsers and bookmarks – not email.
Whenever possible, avoid clicking a link in an email to login to an account. It’s easy to misrepresent where that link may be taking you. A link might say “PayPal.com,” but it’s really pointing at “PeyPals.com.”
A quick way to double check a link’s actual destination is to hover your mouse over it. In most cases, your browser or email application will show you the true path.
If you’re logging in to your bank or other website, access the site directly instead of clicking a link in an email. Be especially suspicious of emails asking you to click a link to confirm your account information.
Double-check attachments before you click or download them.
Be careful with attachments. Word documents and Excel spreadsheets may contain macros or viruses that compromise your computer. These files can automatically download malware or direct you to malicious websites. If an email or attachment looks even the least bit suspicious (misspellings? See below), confirm its origin with the sender. Call, text or message them before you click.
Also, it is critical to have anti-virus software installed and up-to-date on your computer.
Whach for missspellngs and urginsee.
Although it’s not a hard and fast rule, poor grammar can often be a tell-tale sign of phishing. Look for unusual use of words, misspelling or even strange greetings (Hello Madam!). Also, be suspicious of an email that evokes a sense of urgency and asks you to do something right away.
When it comes to wire transfers, be extra vigilant.
The vast majority of people do not wire money as part of their day-to-day duties. So if you’re asked for a wire transfer, that should immediately raise a red flag. Double-check the request, OUTSIDE OF EMAIL, before you do anything. If you’re in the business of transferring money, never rely on email as a secure communication channel for these requests. Always confirm through alternative means.
When in doubt… DO NOTHING!
Being unsure and still clicking around suspicious emails can be disastrous. Take a little extra time to be vigilant and/or confirm emails origin and intent can save you, and your company, a ton of grief (and maybe even money). So if you have even an iota of doubt – DON’T DO ANYTHING. Delete the email, and pick up the phone.
Maybe more than ever before, the old adage holds true: when it comes to email and phishing it is truly better to be safe than sorry.
For more information about how to keep your inbox safe and your email secure, visit Rackspace email hosting solutions.
I read this article at: http://blog.rackspace.com/email-phishing-rise-mailbox-safe
Remember to follow our Blog for the local real estate beat, a pulse on the San Francisco Peninsula at: https://therealestatebeat.wordpress.com
Got Questions? – The Caton Team is here to help.
Email Sabrina & Susan at: Info@TheCatonTeam.com
Call us at: 650-568-5522 Office: 650-365-9200
Want Real Estate Info on the Go? Download our FREE Real Estate App: http://thecatonteam.com/mobileapp
Visit our Website at: http://thecatonteam.com/
Visit our INSTAGRAM page: http://instagram.com/thecatonteam
Visit us on FACEBOOK: http://www.facebook.com/pages/Sabrina-Susan-The-Caton-Team-Realtors/294970377834
Connect with us professionally at LinkedIn: https://www.linkedin.com/in/sabrinawendtcaton
Please enjoy my personal journey through homeownership at:
Thanks for reading – Sabrina
The Caton Team – Susan & Sabrina – A Family of Realtors
Effective. Efficient. Responsive. What Can The Caton Team Do For You?
Berkshire Hathaway HomeServices – Drysdale Properties
Sabrina BRE# 01413526 / Susan BRE #01238225 / Team BRE# 70000218/ Office BRE #01499008