Hackers and scammers are back at it again … and they’re better than ever. Recently we’ve seen a big upswing in the number, and relative sophistication, of hacker and scammer attacks. They’re sending sophisticated emails and “snail mail” invoicing to target unwitting individuals and companies. Even tech giants Facebook and Microsoft have been scammed in this way.
Scammers begin by sending phony bills or invoices to companies and individuals. The documents look authentic and may appear to be from companies you do business with; even from your usual billing contacts. They use a combination of publicly available and hacked data to develop these highly targeted attacks. In some cases they are sending files that contain a virus or malware to gain access to account numbers and passwords. In other cases they are sending invoices that link to a real webpage that appears authentic. When users enter their credit card and payment information, scammers steal that data and sell it on the “dark web”.
Here are a few tips to help you avoid being a victim of hacking and identity theft:
- Carefully read emails – The email may look legitimate, but hackers usually make small mistakes. Look for typos and misspellings. Look closely at the sender’s email address. Does the name in the email match the address? Does the domain appear authentic? They have been known to add text such as “Please excuse typos, sent from my iPhone” in order to prevent suspicion over typos and misspellings.
- Save attachments before opening – If your computer has an up-to-date virus scanner, save attachments and scan for viruses before opening them.
- If you receive an invoice, examine it carefully – Is the bill arriving at its normal interval or are you not expecting it? Is the bill properly formatted? Do amounts look correct? Does the invoice contain contact information? Do you actually owe the company issuing the invoice?
- Verify links – If an email contains a link, look at the link text before clicking on it. Does the web address look correct? Does it begin with “https://”? If not, the connection may not be secure and would make it easy for hackers to obtain any information you share.
- Pick up the phone – If you’re at all in doubt, call the company and find out if the invoice is authentic. DO NOT CALL THE PHONE NUMBER ON THE INVOICE! It’s likely to be fake and when they ask you to verify your information, they’re likely to get what is needed to hack your account.
- Spam it! – If you do get a fraudulent invoice, be sure to mark the email as spam so future invoices are filtered.
- Give a Warning – If someone tries to scam by posing as one of your vendors, be sure to notify them so they can warn their other customers.
A little prevention goes a long way in preventing a BIG loss. Use caution and be on the lookout for these scams. If you are the victim of identity theft or you think you may have been scammed, contact our experienced professionals.