According to the FBI, phishing was the most reported type of malicious activity in 2020. We know that the use of malware, a variant of viruses, increased by 358%, infecting hundreds of thousands of emails and devices.

And when 80% of reported cyber incidents are done through emails, we must know how to detect messages with greater potential.

This week, we explain why we should not blindly trust the legitimacy of the emails, texts, or calls that we receive. 

LEARN TO SEE THE RED FLAGS

The cyber activity known as email phishing Is created by cybercriminals, or hackers, to manipulate or extort money from a person or company. From the content design to the language they use, it’s hard for us to discern whether the email is genuine or a potential threat, which is why it’s so important to know the red flags.

HOW CAN I IDENTIFY A POSSIBLE FRAUDULENT EMAIL?

We have to be aware of where an email comes from, written text, images, and language of urgency or expected reaction.

The awkward and unusual formatting, the use of language with a tone of urgency, typos, insistent requests to open a file or to click on a link, are distinctive traits that the email you received could potentially be a phishing attempt and you should be cautious.

#1: VERIFY THE ORIGIN OF EMAILS AND TEXTS

 Phishing content comes in a number of ways. However, many hackers will try to impersonate someone you already know, such as a colleague, service provider, financial institution, or even a friend, so that you can think the email is trustworthy.

• Don’t fall into the trap. If you spot any red flags that something may be out of place or unusual, follow your intuition, always.
• Recommendation: Contact the person or institution directly to confirm whether the request is authentic and secure. Otherwise, break off communication immediately and report the incident through the appropriate channels.

#2: BE AWARE OF VISHING CALLS  

As more people engage in everyday activities online, it has created a greater sense of awareness around protection regarding email phishing. That’s why cybercriminals have begun to diversify their efforts beyond emails.

For example, voice scams, or vishing, have become a primary alternative for scammers looking to obtain personal information from unsuspecting people.

The voice scam is usually executed by well-spoken people, uses a call script, and poses as a legitimate organization, such as a customer service provider or a financial institution, and then proceeds to solicit confidential information.

Simply put, it is imperative that you are wary of any type of communication received and where the caller begins to request personal information on the call.

If something seems suspicious, again, the recommendation is to break the interaction immediately and contact the institution or company directly to confirm the veracity of the communications.

#3: PROTECT YOUR ONLINE ACCOUNTS BY ENABLING TWO-FACTOR AUTHENTIFICATION

Two-factor authentication (2FA) adds a second layer of security, serving as proof of your identity when you log in to your personal or work accounts.    

Enabling this feature ensures the only person accessing the account is you.

• What is 2FA? Two-factor authentication is a security feature that allows us to maximize the protection of our data and profiles on the internet.
• When should it be activated? It is recommended to turn on the feature to protect your social media accounts and work apps. In most cases, this security feature is free. For some business applications there is a nominal cost per service.
• How does it help us? By requiring multiple authentication methods, your account is protected against identity theft attempts or malicious access to your accounts, even if someone hijacks your password. In this way, 2FA makes it difficult, and very near impossible, for hackers to access our accounts. Almost all the applications we use to handle personal and sensitive information already have the function.
• Interesting fact: Microsoft reported they saw a 99% reduction in credential theft when users applied 2FA. It is highly effective.
• Tip: If you use social media networks such as Facebook, Instagram, or LinkedIn, there is already the option to activate this feature. As well as the top business applications we use.

If you have any questions or concerns or would like to know if your cyber systems are properly covered, please contact one of our insurance specialists.