It’s no secret we are all targets of opportunity. In 2013 Internet Crimes IC3.gov reported receiving over 262,813 complaints. The IC3 adjusted dollar loss of complaints was $782.1 million for 2013. We all accept a bit of risk and routinely change our habits and actions around what we know of crime and its victims. Common sense and crime statics dictate to us that the risk of becoming a victim changes with simple things such as time of day, our level of awareness and how prepared we are. Though by no fault of our own hundreds of thousands of Americans fall prey to a new kind of criminal activity. Identify theft, the act of assuming a person’s identify for the purpose of transacting with financial institutions is rapidly becoming a common tool used by online thieves to transaction millions of dollars from unsuspecting victims. We see this type of behavior daily as we review logs and alerts on our clients network firewalls that block and log the source of the traffic. If the solution were that simple the thieves would find another path however Social Media Engineering continues to be the number one method of stealing someone’s identify. Often users will use the same password for all of their email and website accounts. Stealing someone’s identity is often as simple as guessing or hacking their email address. The criminal then begins to read old emails, sent items and rebuild your life through your communications, learning where you bank, who you do business with, and then they begin to assume the role of being you, often emailing or even calling by phone to make certain requests in order to get the info they are looking for. Business owners are often big targets as criminals know they are busy, typically have more resources than the average Joe and will often transact huge sums of moneys for business operations using bank wire transfers and personal relationships with the bank managers they often do business with. How can we protect ourselves?
- Be vigilant, use passwords with more complexity such as characters, numbers, Case sensitive, longer pass phases of 8 or more characters.
- Use different passwords for different websites, accounts, and emails.
- Encrypt your emails when sending a sensitive communication, if your organization does not currently have this functionality contact us today!
- Never divulge account information, credit card numbers, or personal information such as social security, date of birth, by email or phone.
- Never assume an email is legitimate, call the sender to verify they sent the request, validate the nature of the request.
- Utilize hard drive encryption tools, ensure your data is encrypted on your personal computers.
- Educate the users at your office on using these safe practices and protect you and your clients data from falling into the wrong hands.
Already a victim? Report the activity to the Federal Bureau of Investigation. You can report internet crime by calling your local FBI office or using their website to report the incident at http://www.ic3.gov/default.aspx
If your organization would like more information on how to better protect your business and users from this type of fraud contact us today to schedule a time to meet and discuss the challenges that are facing your business today!