Knowledge Base

Partner

  • Knowledge Base HOME
    Knowledge Base HOME Where you can find all the latest articles to the Intrada Knowledge Base.
  • Categories
    Categories Displays all the different categories within the Intrada Knowledge Base.
  • Tags
    Tags Tags are setup to help find articles related to a specific focus.
  • Users
    Users Meet the Staff and see what they have to share.

Avoid Getting Caught in a Phishing Scam

by in Digital Media and Internet Development
  • Font size: Larger Smaller
  • Hits: 2257
  • 0 Comments
  • Subscribe to this entry
  • Print
2257

The Monthly “Steal” by David Steele

The Monthly “Steal” is a bit of relevant technology information intertwined with personal thoughts, opinions and some real life experiences. It is written by David “Steele” and is free, hence a “steal” from a “Steele”.

Fish and Hook ScamsOver the last 2 months, Intrada has seen a huge increase in email scams designed to steal individual identity, access online accounts or control computers. In the IT industry, we call these Phishing Scams because they are fishing for information. It is largely known not to plug in any device or USB drive or insert a disk into your computer if you don’t know where it came from. But, phishing scams are delivered mainly through email, not by plugging in an external device. These email scams many times look harmless or even like legitimate emails. But, once you click on the attachment or the link in the URL, the scammers usually try to install malware, ransomware or other backdoor applications that cause loss in data and a violation of your privacy.

Phishing Scams are not new. Phishing was first recognized in the mid 1990’s by a hacker named Khan Smith. Smith used the arrow symbols <>< that resemble a fish and commonly used in online chat communications, making it hard for AOL to filter the communications. This same symbol is associated with Christians and was used as a secret Christian symbol long before Smith. Combine this symbol with stolen or hacked email accounts to see why most credit Smith with leading the phishing epidemic.

So how do you keep from getting caught by Phishing Scams? If you receive an email that you are not expecting or from a sender you do not recognize, it’s best not to open it. I suggest you think of it as junk mail and trash it.

But, maybe your curiosity lured you to open the email. Here are some additional ‘red flag’ checks:

Email Link

LINKS IN THE EMAIL: links in the body of an email might look valid, but when you click on the link it takes you to a totally different address. If you hover over the “baited” link, most browsers will display the actual link you would be directed to in the bottom left corner.

At Symbol

EMAIL ADDRESS: Spammers use what is called “Spoofing” to present you with an email address that looks convincing, but it’s actually hiding the bogus email account. Common scams include emails stating there is a package waiting at the post office or there has been a questionable charge on your credit card and you must sign in to confirm the charge. I, personally, don’t click on any links in emails that relate to financial accounts such as credit cards or utilities. If I get an email – I open a browser and go to the site directly to verify account status or I call the company customer service line.

Grammar

GRAMMAR: Most scams have incomplete sentences, poor grammar, and lack of customer brand and contact information. If it does not seem right, there is a good chance it is not valid.

Email Attachment

ATTACHMENTS: Scammers will attach files that, when opened, will try to install malware and infect the computer. The best protection is not to open any attachments that you didn’t expect or were not sent from a valid source. Do not enable any macros or approve the installation of software.

Cloud Download

FREE SITES: Avoid websites that require you to install an application to access free files including fonts, music, videos, games or other applications. Validate the site is safe before downloading and installing any applications.

Why doesn’t most virus protection software catch phishing scams? This is because the email does not actually contain a virus. The email contains a link to a website that tricks users into providing access information or to download and install an application to protect their computer. But, in reality, the person just infected their machine. Virus protection does not stop a user from loading software unless it is identified as malicious. Also, if the email has an attachment that is zipped; virus scanners can’t scan zipped files. Other attachments include Microsoft Word documents, that, when opened, require micros. When the user hits enable, the virus installs the malware that can infect the computer.

The latest lure in phishing scams is ransomware. The user is tricked into running a program or accessing a website that runs a program that will encrypt and lock all your data. The sender, who is usually in another country, holds your data hostage then requires a payment from you to purchase the password that will unencrypt your data. In a corporate setting, this can be a real sinker because it will normally encrypt all data across a corporate network, including network drives. When you have been a victim of ransomware, you are presented with two options:

  1. Pay the ransom to get your password, which is not guaranteed, to unlock your files and reload the infected computer.
  2. Reload the infected computer and restore files from backup.

Bottom line – it’s just ugly and nothing is worse than having your privacy violated or someone holding your personal data hostage. The best protection from phishing scams is:

  1. Educating yourself and your staff to not be click happy.
  2. Have good virus and spam filtering solutions in place to help prevent the temptation of hitting the inbox.
  3. Backups.

If you are a customer of Intrada and received a questionable email, contact tech support and have emails and websites verified before opening or installing any software. If you would be interested in learning more about Intrada or our scanning services, give me a call or email me today.

WarningUser Notice Document - AVOID GETTING CAUGHT IN A PHISHING SCAM
Short version of article to be distributed to all employees. (click here)

 

David Steele, Partner / Webmaster

djsteele@intradatech.com
570-321-7370
Facebook Twitter LinkedIn Google+ RSS Feed

Last modified on
0

Expertise - David is one of today’s new breed of technology pioneers creating, building and managing technology for today’s business environment. In 2000, David co-founded Intrada Technologies, Inc. In 2001, Intrada partnered with Micro-One Computer Center to create Micro-Link, a regional ISP serving more than 2000 dial-up customers. He also developed a public wireless network for commercial industry in Williamsport / Montoursville / Montgomery, PA that includes corporate email, broadband, VPN, firewall, network management, consulting, installation and training. In 2004, he sold the Dialup and Wireless portions of the business, with Intrada assuming the Micro-Link hosting and commercial ISP services. Today, David’s primary business focus is web development and network management.


Client Depth - David’s clients include health care, telecommunications, retail outlets and cataloging, and web-based robotic management systems. He has implemented full E-commerce and inventory billing systems, visual packing and shipping systems and other E-commerce solutions for large distributors with EDI interfaces and multiple vendors.


Accomplishments - David gained his expertise from a unique combination of formal education, natural ability, and on-the-job learning. He acquired his business acumen studying business management and computer programming at Pennsylvania College of Technology. In addition, David studied privately with renowned lighting and theater designer Stan Prestner at UCLA, where he learned the intricacies of light engineering and design and electrical sound reinforcement for live performance.


In addition, David continues to pursue advanced training in new media and technology developments.  djsteele@intradatech.com  570-321-7370 x102

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest
Guest Wednesday, 22 August 2018
Contact Information: 
    31 Ashler Manor Drive
    Muncy, PA 17756

Hours of Operation:
    Monday to Friday 8 AM > 6 PM EST
 
 800-858-5745

Mission Statement

Intrada is built on the premise that the management of information technology for business is like legal advice or accounting. It is not a do-it-yourself job.

Smart business people who are not technically savvy need quality resources for reliable hardware, software, service, and support. Businesses rely on these vendors as trusted friends or partners in their business.

Intrada serves its clients as that trusted partner. We make sure that our clients have what they need to run their businesses, with maximum efficiency and reliability.

Many of our client's needs are mission critical. Intrada gives them the assurance that we will be there when they need us.