Milwaukee Bucks Fall Victim to Scam
1876 technology is your best defense against phishing.
Scams intended to capture confidential financial data or infect computer systems with malware unfold every day. And unfortunately, no organization is immune – including the Milwaukee Bucks.
The professional basketball team recently fell victim to a phishing scam that compromised all of its 2015 employee tax information – including salary information and Social Security numbers. (Read more.)
How do breaches like this typically happen? A simple fraudulent email request.
One example: The controller or CFO of an organization receives an email from another executive (ahem) in the firm requesting sensitive financial information or a money wire..
Another example: A vendor or other business partner (ahem) sends an email with a Word or .zip file attached and the subject line: “Your invoice attached.”
Believe it or not, opening or responding to these emails, or opening the related attachments, can allow scammers into your network, where they can access sensitive data or, worse, infect your entire system with a type of malware that could render it completely useless until a ransom is paid.
BE SUSPICIOUS. PAY ATTENTION. USE THE PHONE.
“The telephone, invented in 1876, is just as important today as it was revolutionary then.”
The best line of defense against phishing scams involves three steps:
1) Always be suspicious.
2) Pay attention to email addresses.
3) Use the phone.
Today’s security-minded professionals have learned to be suspicious of requests for information that are sent via email. And they pay close attention to senders’ email addresses. Fraudulent email addresses generally look very similar to the purported sender’s, but are not exactly the same; for example, president@yourcompany.NET versus president@yourcompany.COM.
In some cases, scammers don’t make much of an effort. They may use an email address like firstname.lastname@example.org. It’s not very creative, but it’s an example of an actual address used in a recent phishing scam.
If you receive an email requesting sensitive information, we recommend you immediately call the purported sender to validate the request. DO NOT REPLY to the email, as the originating sender is likely not who you think it is.
Be diligent. Even if an email is addressed to you and includes an email signature similar to the one the real sender uses, pick up the phone and call the sender to verify.
Remember the “Your invoice attached” scam example we mentioned above? If you receive a similar email from a vendor or partner, it may very well be a scam, and opening the attached file could infect your computer or system with some type of malware. Again, pick up the phone and call the sender to validate that they sent it before you respond or open any attachments.
The telephone, invented in 1876, is just as important today as it was revolutionary then.
Have a question about IT system security? Give us a call at (804) 918-7815 or send us an email. We’re standing by, ready to help.