Be on the alert for Hurricane Matthew phishing scams. The term phishing was reportedly coined in the late 1990’s by hackers who would “fish” for information from potential victims in order to steal their AOL account. (You can find the US Federal Trade Commission’s consumer guidance page on phishing here.)
Any event, local or global, large or small, tragic or otherwise, can and will be leveraged by scammers to trick the unwary. Hurricane Matthew is one such event. The US Department of Homeland Security has posted a cyber-crime alert on potential Hurricane Matthew phishing scams. Below is an excerpt of their dos and don’ts:
Follow These Phishing Do’s and Don’ts
US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:
-
- Do not follow unsolicited web links in email messages.
-
- Use caution when opening email attachments. Refer to the Using Caution with Email Attachments Cyber Security Tip for more information on safely handling email attachments.
-
- Keep antivirus and other computer software up-to-date.
-
- Refer to the Avoiding Social Engineering and Phishing Attacks Cyber Security Tip for more information on social engineering attacks. Link.
-
- Review the Federal Trade Commission information on Charity Scams.
-
- Verify the legitimacy of any email solicitation by contacting the organization directly through a trusted contact number. You can find trusted contact information for many charities on the BBB National Charity Report Index.
In addition to staying vigilant with online security habits, you should also be wary of phishing phone calls. Scammers often pass themselves off as official parties to trick the unsuspecting. We’ve had clients reports of phone calls from scammers representing themselves as Microsoft, Symantec or Dell employees. All were attempts to either phish sensitive information from our clients or get access to their Windows computers–to help them with a “critical” error. (FYI – even the most well maintained Windows computer will list critical errors that are not really all that critical and can be ignored.). Unfortunately, some of these scam attempts were successful.
The lesson here? Whether in the real world or the cyber world, a healthy dose of suspicion is a very good thing. When in doubt, ask your IT Partner for guidance.