2 minute read
Tech Tip: Spotting Phishing Scams: Secure Your Digital Fields
By: Matthew Cosgrove GreenStone VP of Information Security
The modern era, while bringing the world closer and making information accessible, has also brought unique challenges. One of these challenges lies in navigating the digital landscape safely. The 2023 Verizon Data Breach Investigations Report (DBIR) underscores this.
According to the report, “74% of breaches include a human element, such as Error, Privilege Misuse, Use of Stolen Credentials, or Social Engineering. Furthermore, 49% of breaches by external actors involved the use of stolen credentials. Phishing made up 12% of external attacks, and attackers exploited vulnerabilities in 5% of breaches. As what drives these attacks is financial gains, 95% of breaches are financially driven.” (Verizon, 2023).
What does this tell us? Your role in protecting your information is more significant than ever. Phishing is one of the most popular tricks in the scammer's toolbox, largely due to its success rate. They send deceptive messages disguised as communications from a trusted entity, attempting to coax you into revealing crucial sensitive information. Because of the ease with which a phishing email can be crafted, they often take on the guise of fraudulent wire transfer requests, banking account changes, or even something as mundane as a bank account password reset page. GreenStone is committed to helping you stay secure. Here are some key ways you can identify and neutralize such attempts:
1. Unsolicited Requests: Be cautious of unexpected emails or texts, particularly those asking for wire transfers or sensitive information.
2. Urgency: A message that tries to create a sense of immediate action is often a warning sign.
3. Sender Verification: Always verify the sender's details. Watch for slightly altered email addresses that closely resemble legitimate ones.
4. Links: Treat every link in an email with suspicion. Hover over it to check its destination before you click.
5. Spelling and Grammar: Typos or poor grammar in messages are often clear indicators of phishing scams. Besides spotting phishing attempts, we should also understand the importance of vigilance in certain scenarios. Take, for example, a loan process. It is a chance of connections involving you, GreenStone, title companies, realtors, and possibly other participants. Each link in this chain is an email of information exchange. A single compromised link, infected by cyber attackers, could put the entire chain at risk.
That’s why we must be on guard when it comes to emails involving sensitive information including wire instructions or other personal sensitive information. Use your gut instincts, if something feels off, like the timing of the message or the language used is out of place, it’s critical to verify its authenticity.
GreenStone takes your information and privacy seriously; all of our websites and emails are secured using current internet security standards of encryption, TLS, which stand for “Transport Layer Security” and ensures your information is encrypted between your computer and our website to prevent unauthorized access. We also offer a secure File Exchange platform to share sensitive information using our My Access customer portal.
Remember, a chain is only as strong as its weakest link, our email conversations are only as private as the most secure email. With this in mind, let's also ensure you're well-fortified with:
1. Confidentiality: Never disclose sensitive information or conduct wire transfers based on unsolicited messages.
2. Device Updates: Keep your devices updated to patch security vulnerabilities.
3. Financial Monitoring: Regularly check your financial statements and immediately report any irregularities to your bank.
4. Multi-factor Authentication (MFA): Enable MFA on your accounts wherever possible, especially on your email and bank accounts.
5. Verification: Always verify wire transfer instructions, particularly if there are any changes. Use known, trusted channels for this verification.
Should you receive a suspicious message that appears to be from us or your bank, don't hesitate to contact us. Use contact details that you trust, not the ones provided in the suspicious message.
We prioritize your security in the digital landscape. With vigilance, robust safety measures, and a keen eye, we can together keep your digital fields safe.
References
Verizon. (2023). Verizon 2023 Data Breach Investigations Report. ■