Scams

A reminder that scams continue to surface on a regular basis. IRD and bank related scams are very common and these are often so similar to legitimate emails it is increasingly difficult to determine whether they are a scam or not.

Phishing has become the most common form of scams over the last few decades. Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce people to reveal personal information. Phishing attacks are increasing at a rapid rate and they continue to be used as they continue to work. The artificial intelligence used in phishing attacks is able to effectively target and trick people into opening malicious file attachments, clicking dangerous links and revealing passwords.

As such, phishing is usually at the top of the list for security awareness training. Studies show that as soon as 6 months after training, phishing detection skills wane. Employees begin forgetting what they have learned and cybersecurity suffers as a result. Want to give employees a “hook” they can use for memory retention? Introduce the SLAM method of phishing identification. SLAM is an acronym for four key areas of an email message to check before trusting it which are:

  • S = Sender
  • L = Links
  • A = Attachments
  • M = Message text

By giving people the term “SLAM” to use, it is quicker for them to check suspicious email. All they need to do is use the cues in the acronym.

Check the Sender
It is important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike.

Hover Over Links without Clicking
Hyperlinks are popular to use in emails. They can often get past antivirus/anti-malware filters. Those filters are looking for file attachments that contain malware.

When looking at email on a mobile device, it can be trickier to see the URL without clicking on it. There is no mouse like there is with a PC. In this case, it is best not to click the URL at all.

Never Open Unexpected or Strange File Attachments
File attachments are still widely used in phishing emails. Messages may have them attached, promising a large sale order. There have even been PDFs with malware embedded.

Read the Message Carefully
We have gotten great at scanning through text as technology has progressed. It helps us quickly process a lot of incoming information each day. However, if you rush through a phishing email, you can miss some telltale signs that it is a fake by looking carefully at the language used.

While Phishing is the most common form of fraud, there are also others to be aware off as well:

  • Cold Calling scams
  • Business email compromise scams
  • Work at home scams

The subject of internet security is quite daunting but it is also very important as a successful phishing attack could have serious consequences on your ability to continue to supply your customers.

It is important that you continually review your cyber security and look at regular awareness training for yourself and staff if applicable on the signs to look for to identify potential scams.

Should you or your team have concerns around correspondence purporting to be from the IRD – please do not forward the email or text – instead please give us a call and we can check with IRD directly if required.