One of the top cyber crimes, and the most profitable, are phishing scams. Large corporations such as Sony have been jeopardized and accounts of these types of cyber crimes are being reported at a high rate. Phishing scams are just as dangerous to small business owners as they are to large corporations.
The Internet Crime Complaint Center (partners with the FBI) and the National White Collar Crime Center (NW3C) have reported more than 300,000 cases of online phishing scams and other Internet related crimes.
Understanding what phishing is will help you identify what makes your small business so appealing to cyber criminals.
What is phishing?
Phishing is the act of attempting to get private data such as usernames, passwords, credit card and banking information. This is easily done by creating fake websites, logos and email addresses and phone numbers. The victim is compelled in some way to reveal private information such as social security numbers and or other information that can be used to steal their identity. In the case of a small business, the phishing scam may be used to acquire customer credit card numbers.
Examples of small business phishing scams
There are many models of small business phishing scams. For example, fake emails have been sent to thousands of smaller businesses that are highly authentic looking from the IRS and even including the IRS logo. These emails explain that they must fill out tax forms or W-4 forms and return these forms by fax. Many business owners trust this information was sent by the IRS and fear that they will be audited if they do not do what the email said was expected of them.
At the official website, IRS.gov, the IRS states that it will not contact companies through email first. Beware and use caution before clicking on a link claiming to be from them.
Your company email can be a target
Another way these thieves gain information is by targeting a specific individual within a business by sending him or her some kind of fake communication that looks completely respectable but ends up delivering a virus or malware. This virus then infects the entire network, giving thieves access to private company data.
There are also several “phone phishing scams” where phony messages from your bank, for example, ask you to call a phone number and enter your account information.
How to protect your business against phishing
The Anti-Phishing Work Group offers excellent tips on how to keep your small business from becoming a victim of phishing. Here are some of their tips:
The best way to protect oneself and colleagues from these scams is to be aware of the methods one can use to identify a scam and stay on top of the latest news on the issue.