Cyber criminals will do anything they can to access your valuable information. Their first step is to spot your vulnerabilities, and sometimes those, unfortunately, lie with your personnel and their lack of cybersecurity knowledge. One of the major types of deception schemes is phishing. Let’s learn about phishing e-mails and how you can inform and protect your practice.
What is phishing?
Phishing is a type of deception designed to steal your valuable personal data, such as credit card information, passwords, account data, patient information or other information. Con artists send millions of fraudulent e-mail messages that appear to come from sites you trust, like your bank or credit card company, and request that you provide personal information.
Phishing messages are designed to look genuine and often copy the format used by organizations, including their branding and logo. They will take you to fake sites that look real but have a slightly different address, for example www.micromd.com.au instead of www.micromd.com.
Warning Signs of Phishing
There are a handful of ways that scammers may attempt to steal information through a phishing scheme. Some warning signs are below…
- State they’ve noticed some suspicious activity or log-in attempts
- Claim there’s a problem with your account or your payment information
- Request that you confirm some personal information
- Include a fake invoice to be paid
- Ask you to click on a link to make a payment
- Say you’re eligible to register for a refund
- Offer a free gift card or other free items
- The message does not address you by your proper name and may contain typing errors and grammatical mistakes.
- The website address does not look like the address you usually use, or the site requests details the legitimate site does not normally ask for.
How to Protect Your Office from Phishing Schemes
When it comes to protecting your office from phishing emails, one of the best ways to protect against threats is to be careful about clicking on links or opening attachments from emails. Hover over the link to preview the URL. Don’t click on links or attachments that say “Please find attached file” or “Please open” if you are unsure of the sender. This is a great rule of thumb to arm your practice with. The following are other ways to protect your practice from phishing…
- Don’t give out personal information.
- Check the subject line and contents of the email. A subject line of a simple “Hello” is a tell for phishing emails.
- Enter your username and password only over a secure connection. Look for the “https” prefix before the site URL; if there is no “s”, beware.
- Double check on suspicious requests.
- If you suspect the email is not genuine, just delete it.
- Protect your computer by keeping up to date with the latest Windows patches.
- Install antivirus software and keep it updated.