On a much-needed vacation with my children, far away from the office, fishing pole in hand, I had to stop and smile at these poor hungry fish that seem to bite at anything we put in front of them. These poor fellas really must be hungry! We caught our limit in a half hour, and threw them all back only to go through it again. Too bad there’s not a limit on phishing….
Consider these sobering statistics. The FBI reports the number of this type of cyberattack has grown 1,300 percent since January 2015, resulting in $3.1 billion in losses across the world, according to The Wall Street Journal. In the past three years in the U.S., more than 14,000 phishing victims alerted the FBI’s InternetCrimeComplaintCenter. During that time, companies lost more than $960 million to such scams, according to the report.
Each of us has an important role and responsibility in information security. We are asking the Emerus community to help combat this threat with due diligence by being extra cautious in opening attachments and links from suspicious emails – and to avoid sharing proprietary information in phone calls and conversations.
What is a phishing email?
Phishing emails are messages sent by individuals trying to “fish” for personal or financial information. Often, these individuals seek information by impersonating senior corporate officers. Phishers are getting better every day at making their messages look authentic.
What to do if you get a phishing email:
- Send any phishing emails you receive, including its full header information, to firstname.lastname@example.org.
- Use your mouse to hover over links in an email. This will show you the actual website you will be directed to if you click on the link. It is always best to type the address yourself into your web browser, rather than clicking a link in an email.
- Do not give out any confidential information (email/phone calls) to anyone you don’t know.
- Check to make sure communication is authentic (email domain says “@emerus.com” – watch for typos and slight variations).
- Report suspecting messaging to email@example.com.
- Contact IT at firstname.lastname@example.org if you need further validation.
How to protect yourself:
Here are some best practices that will help protect you and your information:
- Beware of messages that claim your account has been suspended.
- Be suspicious of any email containing urgent requests for personal financial information.
- Never click on a link in an email. Instead, always type the legitimate Web address of the site you want to reach directly into your Web browser.
- Be suspicious of email messages and other electronic communications from sources you do not know or recognize.
- Report any suspicious emails.
As a recent victim of a phishing scam, I would encourage you all to take precautions before sending important information across the Internet. Have a great summer.