9 Ways To Avoid Being Spammed and Spoofed

Scammers and spoofers are getting smarter.  With more and more advanced forms of technology, you oftentimes won’t see what’s coming until it’s too late.  Even companies like Twitter, Marriott, MGM, ZOOM, Magellan Health have all been infiltrated!  Here are some things to watch for, and ways to avoid being the next victim.

What types of things you should look for:

  • Texts from unknown sources that ask you to reply STOP – sometimes these are legitimate, but they can also be sent only to verify that your phone number is legitimate. If you don’t recognize the source, consider not responding.
  • Text or email from someone you know, but it has an urgent story to send you money. If someone needs money urgently, take all the precautions to reach the actual person to verify the request.
  • You’re asked to provide information that you don’t feel should be required. Some spoofers have fine-tuned a credit check form – it’s a fake form to gather all of your personal information.
  • In a nutshell – If it feels off, or out of character for the person you “know”, trust your gut and dig deeper before you act.

 

So how do I even end up on the list of people to spam or spoof?

There are several ways your email ends up on a spam list:

One common way is a data breach. Hackers work endlessly to break into databases, and once that database is compromised, you have no way of knowing where your email address will end up. Did we mention companies as big as Twitter, Marriott, MGM have fallen victim? Yea, hackers can be that good.

Fake email accounts are another way that spoofers operate. Once they have your email address and know your family’s names, they can create a fake “reply to” email address that looks like your loved ones’ name. Then comes the elaborate story to get you to send money, or personal information.

If something seems too good to be true, it is. If you responded, your email has been verified and gone into a junk email database. Now they can use it to try and hack into your accounts.  It’s usually your user name for a website login.

They’re always trying to lure so they’ll use a family member, friend, or coworker’s name. The main thing is that the situation is almost always URGENT. They don’t want you to have time to ponder alternatives or second guess your desire to jump in and help. But does it seem out of character? Does something seem off?

 

Here are NINE ways you can prevent being the next victim of a scam:

  1. Create a specific email address to sign up for anything outside of family/friends/work. That way if it’s compromised, you’ll know it isn’t likely a legitimate request – because your close contacts don’t have that email address.
  2. Make sure you have top-notch malware protection. A good system will provide you with real-time notifications at the first sign of suspicious activity. We know because we monitor our clients’ systems and know instantly if there is a possible breach. It’s easier to catch it before the client has time to fall for it… often times our clients don’t even know what has happened before we eliminate the attempt.
  3. Make sure your company has systems and flexibility in place to allow staff to verify a financial request. We’ve seen people fall for that urgent request that appeared to be from another colleague, to send money or pay a bill. If your staff is used to working under fire, they may react quickly to take care of business. Create a policy that if something is urgent, it needs to be verified in a specific way through a specific process.
  4. Change your passwords often and don’t use any information associated with your real-life (kids, dates, pets, spouse). Hackers and spoofers are smart enough to have already collected some of those bits and pieces, and they’ll use it against you.
  5. Educate your employees with security awareness training to help them in recognizing and combating emerging cyber threats.
  6. Incorporate phishing incident response tools to instantly report suspicious-looking and unsolicited emails.
  7. Secure your email domains against email spoofing attacks by implementing email authentication protocols such as DMARC, SPF, and DKIM.
  8. Keep all your software and applications updated with the latest security patches from time to time. Outdated systems make it easier for infiltration.
  9. Use a VPN connection for a protected network to keep hackers and other threat actors at bay while working remotely.

In a nutshell: A little awareness, and a good system in place, can help save you thousands.  At the end of the day, we are here to help you with a plan to combat spoofers and spammers. Call us today for a free network analysis!