Let’s Go Phishing! But Don’t Take the Bait! – Part 2

My last post detailed the ways in which modern scammers are evolving their attacks to target individuals based on personal information gathered from online locations such as social media. Armed with these new techniques, scammers have become even more dangerous as they prey on users’ trust and instincts in ways that are hard to ignore.

 

Our desire for convenience and our need for urgency can put us at risk when exploited by scammers.

 

Four Strategies Used in Phishing

  • Immediate action required: “We will cancel your account” or, “You must respond today to avoid us sending this to our claims department.” Scammers are hoping that this sense of urgency will make you respond without thinking about any risks.
  • Fraudulent/fake sites: You are asked to use the “URL below” to respond to an audit or some unusual account activity, but all the scammer really wants is for you to supply your account user name and password.
  • Being thanked for a purchase that you never made: Following the link provided in the email to find out more about the “purchase” will prompt you to enter your sign-in and password, a veritable goldmine for scammers.
  • A long-lost schoolmate reaches out: “You may not remember me, but I was in the next year’s class at <school> and I was just…” A scammer is trying to gain your trust before asking for more and more information. The next thing you know, you have been phished.

The most important step you can take to avoid falling victim to modern phishing techniques is to stay vigilant. While there is no guaranteed “giveaway” sign in every single phishing message, scam messages often have common elements that can alert you to a problem.

Top 7 Ways to Spot a Phishing Email

  • Spelling errors or grammatical errors
  • Links included in emails for your “easy response” (if you happen to even open the email, don’t click the link but instead simply hover over the link with your mouse to check the target address)
  • Urgency or threats
  • Spoofing of well-known websites using a company’s graphics/logos
  • Website and email addresses that are slightly different from the real website (e.g., one letter off, or the right name but an odd domain)
  • Emails from people you don’t know asking for any type of information
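
The hover check and the “slightly different address” check from the list above can be automated. The Python below is an added example, not part of the original post; it assumes the link text and target have already been pulled out of the email, and `TRUSTED`, the sample links and all function names are made up for illustration.

```python
from urllib.parse import urlsplit

TRUSTED = ("example.com",)  # assumption: domains the real provider uses
# Constructed sample: (text shown in the email, address the link really opens).
SAMPLE_LINKS = [
    ("https://www.example.com/audit", "https://www.examp1e.com/audit"),
    ("View your purchase", "http://example.com.account-check.test/login"),
    ("Help centre", "https://www.example.com/help"),
]

def host_of(value):
    """Host of a URL or bare 'www.site.com' string; '' for ordinary words."""
    value = value.strip()
    if " " in value or "." not in value:
        return ""
    return urlsplit(value if "://" in value else "//" + value).hostname or ""

def one_letter_off(a, b):
    """True if a and b differ by one substituted, added or dropped character."""
    if len(a) > len(b):
        a, b = b, a
    if a == b or len(b) - len(a) > 1:
        return False
    i = next((k for k in range(len(a)) if a[k] != b[k]), len(a))
    return a[i + (len(a) == len(b)):] == b[i + 1:]

def check_link(text, href):
    """Return the reasons (possibly none) to distrust one link."""
    target, shown, reasons = host_of(href), host_of(text), []
    if shown and shown != target:
        reasons.append("text shows " + shown)  # what hovering would reveal
    for domain in TRUSTED:
        if target == domain or target.endswith("." + domain):
            continue  # really on the trusted domain
        tail = ".".join(target.split(".")[-(domain.count(".") + 1):])
        if one_letter_off(tail, domain):
            reasons.append("one letter off " + domain)
        elif domain.split(".")[0] in target:
            reasons.append("right name, odd domain")
    return reasons

def review(links):
    """Map each suspicious link target to its reasons; clean links are omitted."""
    found = {href: check_link(text, href) for text, href in links}
    return {href: why for href, why in found.items() if why}

if __name__ == "__main__":
    for href, why in review(SAMPLE_LINKS).items():
        print(href, "->", "; ".join(why))
```

A link that passes these checks is not proven safe; the checks only catch the two patterns named in the list.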

 

Be aware that not all phishing happens online; phishing scams also come via phone calls:

The Attack:

Someone claims to represent your personal computer’s service department saying that your computer has reported a problem to them via the internet. They are looking for your service agreement number or credit card number to begin solving the reported problem. Once they get this information, the abuse of that account begins.

The Defense:

Trusted providers (e.g., banks) would not ask for that information by phone. A best practice is to hang up and call the provider’s official phone number instead to make sure the call really originated from them.

In the end, YOU are responsible for your own cybersecurity. The more active you are online, the more connected you are, the more you need to take precautions to protect your personal information from being exposed. The time it takes to prevent a phishing attack is often frustrating; however, it is far outweighed by the time (and money) needed to recover from an information breach.

 

R.L. (Rick) Gorskie | Global Sales Manager - Cybersecurity

Emerson Automation Solutions | 1100 W. Louis Henna Blvd. | Round Rock | Texas | USA | 78681-7430
Rick.Gorskie@Emerson.com
