An international hacker was recently found to have more than 10,000 stolen debit and credit card numbers. So, clearly, phishing – the practice of tricking someone into giving bank or credit card information – is rife and plenty of people are falling for it.
Many businesses issue staff with credit cards to pay for work expenses. But don’t assume everyone who works in your small business is too smart to be taken in by the corrupt come-on of some creep who slips past your email filters. Phishing messages can be slyly convincing.
The website that a phisher’s email links to will have an address (URL) that is similar to but not the same as a real bank's or financial institution’s site. For instance, if the real site is at 'www.yourbank.com.au', the scammer may use an address like 'www.yourbank.com.au.log107.biz'. The fake site may be stamped with logos indistinguishable from those on the real site.
Here are seven tips to help counter the slippery threat of phishing with protection, detection and correction.
- Use anti-phishing staff training programs
One way to prevent the potential financial harm that can be inflicted by phishing attacks is to train your staff to understand phishers’ manipulative ‘head hacking’ antics. Software training programs include PhishGuru and PhishMe, which is a phishing simulator that boosts awareness of the sophisticated tactics used by hackers looking to compromise your firm’s data and systems.
- Take a cross-platform stance