How to Protect Yourself and Your Organization from Fraudulent Attacks
Malicious cyberattacks cost the U.S. economy as much as $109 billion in 2016, the Council of Economic Advisors reported. Three years later, in 2019, individuals and organizations experienced record losses due to fraud, identity theft and other related complaints, according to the Federal Trade Commission (FTC).
During the current global pandemic, fraudulent activity has continued to increase. Today, we have a lot to be overwhelmed by, but knowing how to best protect yourself now can keep you safe for the future.
The following includes important information and tips to minimize your risks of becoming victimized by fraudulent attacks:
Why are fraudulent attempts on the rise? According to the Fidelity National Information Services, Inc. (FIS), criminal activity involving pilfered credit card numbers and phishing attacks has increased during the COVID-19 pandemic — targeting both consumers and banks. Also, with the decline in travel and shopping at brick-and-mortar stores, more and more fraudulent attacks have shifted to the internet.
FIS reported that the dollar volume of attempted fraudulent transactions increased by 35% in April 2020, when compared to April 2019. It also noted that the trend seemed to be continuing.
What does a fraudulent attempt look like? Fraudulent attempts come in many different forms, including emails, robocalls, direct messages, credit card charges, ransomware and wire transfers that may appear legitimate. In many cases, scams will materialize as claims from government entities, financial institutions, or large organizations (like a utility company). The most prevalent methods of cyberattacks include randomly computer-generated card numbers, attempted purchases with card numbers previously stolen, and phishing attacks (emails, phone calls, and direct messages.)
How can you protect yourself and your organization?
- Be alert. Keep a close eye on all accounts. Most banks will alert you via call or text, but you know your purchases best. An automated alert could be generated by another fraudster. After email security has met a best practices baseline, employee training and testing is the best way to prevent a breach.
- Stay safe. Understand the differences between credit card and debit card use. The government limits your liability on fraudulent credit card purchases to $50. Also, it usually takes much longer to get funds reimbursed with a debit card than a credit card. Lastly, a credit card freeze is much less impactful to a person’s ability to carry on their day-to-day activities than if their bank account is frozen.
- Be proactive. Know how to freeze your accounts. Some financial institutions provide online or app-based access to allow you to quickly and easily complete this function. If your bank or credit union doesn’t, call immediately to ask them to freeze your account after you notice any fraudulent charges appearing in your purchase history. You can also limit the number of breach attempts through an investment in enhanced spam filtering services and Advanced Threat Protection safeguards. Enhanced email back-ups also can help prevent major losses.
- Know how to handle anything that comes your way. If it looks suspicious, it probably is. Be diligent when it comes to answering robocalls, opening emails, and responding to voicemails. Keep contacts up to date and block unknown callers. Take the time to learn more about how to secure your phone (Apple, iPhone, iOS, and Android). With COVID-19 related scams on the rise, it’s also important to educate yourself, friends, co-workers and relatives with the latest consumer scams reported by the FCC.
- Know what to look for when reviewing suspicious or official-looking documents and messages. Beware of the following:
– Communications with terms like “stimulus check” or “stimulus payment.” The Internal Revenue Service (IRS) will use the term “economic impact payment.”
– Requests to “sign over” a stimulus check
– Anyone requesting bank information or direct deposit information by way of phone, text, email, social media or other messenger apps
– Postal mail receipt of a [fake] check with a request to call a number or verify information online to cash it.
– Malware or virus packages using Covid-19 as an incentive to open them.
– New Covid-19-related websites; they could be designed to scam or defraud visitors.
– Work-at-home infrastructure attacks. Ensure your employees have a firewall when using company or personal devices for work-related activities.
- Seek expert help. The time to detect vulnerabilities is not after you have been a victim of an attack. At Covi, we help our clients navigate changes in technology, including the latest cyber security measures to protect you and your organization from malicious behavior by hackers.