Why Spear Phishing Is Your Biggest Cyber Security Threat
In the book Spam Nation, investigative journalist and cybersecurity expert Brian Krebs revealed the single most effective (and relied upon) way cybercrime rings gain access to your bank account, credit cards and identity. Ready for it? E-mail.
Whether it’s opening an attachment infected by a virus, or a phishing scam where you unknowingly give up your login to a critical website, e-mail still remains the most popular and reliable way digital thieves can rob you blind, steal your identity and wreak havoc on your network.
Worst of all? You’re INVITING them in! While there are a number of things you need to do to protect yourself.
HERE ARE FIVE PIECES OF INFORMATION YOU (AND YOUR TEAM) SHOULD NEVER PUT IN AN E-MAIL.
Tax File Number
Think of this as your “bank account” number with the government. You should never e-mail this to anyone because it can be used to open credit cards and steal your identity.
Never send an email for your bank account numbers, routing numbers and banking login credentials. Further, avoid sending a voided, blank check as an attachment to an e-mail.
Your credit and/or debit card information
NEVER update a credit card via an e-mail! If you need to update a card with a vendor, there are two safe ways to do this. The first is to log in to your vendor’s secured site by going to the URL and logging in.
Do NOT click on a link in an e-mail to go to any website to update your account password or credit card!
Hackers are masters at creating VERY legit-looking e-mails designed to fool you into logging in to their spoof site, which LOOKS very similar to a trusted website, to enter your username, password and other financial details, thereby gaining access.
A good way to update your account is to simply CALL the vendor direct.
Login credentials and passwords
You should never share your passwords or answers to security questions with anyone for any site, period.
An ATTACHMENT that includes any of the above is just as dangerous to e-mail as typing it in. Never e-mail any type of financial documents (or scans of documents) to your CPA, financial advisor, bank, etc.Remember: Banks, credit card companies and the government will never ask you to click a link to provide them with any of the five items above.