There has been a sharp increase in cyber attacks over the last month. Hackers have been taking advantage of the current climate to deceive people into providing website credentials and personal or banking information.

The biggest increase in cyberattacks is from phishing scams. Data provided by Google shows the drastic increase of phishing and malware sites the search engine has uncovered since March 1, 2020.

Image from Google Safe Browsing

How a Phishing Scam Works:

Using deceptive emails and websites, scammers seek to illegally obtain personal and corporate information—usernames, passwords, credit cards—from users that are then used to steal money or more data.

A phishing scam usually starts with an unsolicited email.

  • The sender will impersonate a reputable company, such as Google, a banking institution or the government. They will even buy domain names that are similar to the group they’re impersonating to make their emails seem legitimate.
  • They will ask you to “verify” or “update” information about your account.
  • A link from the email takes the user to a malicious page, that closely resembles a real website, to collect the person’s or businesses’ username, password and other information.
  • Once scammers have your credentials, they sell that information or use it to hack other sites.
  • Since many people use the same login information for multiple online accounts, they’ll try to use the stolen information on banking sites, social media applications and other online services.
Example of a Phishing Scam

This email impersonating Google wanted our client’s cell phone number, username and password. With this information, the scammer would have been able to take over their main business email account and put client information at risk.

Thankfully, our client was suspicious and picked up on some of the warning signs:
  • The sender’s email (@googlemail) is not a recognized Google support email.
  • The copy is full of spelling and grammatical errors.
  • The link in the email went to a non-Google site.

VERIFY INFORMATION HERE

Protect you and your business from a phishing attack:

  • Never give out your username, password or any personal information in an email.
  • Do not click on any links that ask you to verify login or personal information.
  • If you’re unsure if the email is legitimate, call the company or organization to check the status of your account.
  • You can also google the sender’s email to see if it’s a valid address.
  • Set up two-factor authentication if available.
  • Educate employees about what to look for in phishing attacks.
  • Ensure your web security protocols are up to date.

Remember, scammers only need a few pieces of information from you in order to do damage and harm. Мindful internet usage is the key to protecting your privacy and wellbeing on the web.

If you have any questions or concerns,
don’t hesitate to contact us.

idig Marketing is a full-service digital agency that generates meaningful website traffic and drives high value leads to your organization. By optimizing organic content with paid advertising our custom methodology includes hosting, eCommerce and online security.

Connect with us on Facebook, Twitter and Instagram.
We post digital marketing tips to help Canadian businesses succeed.