How to treat these three cyber tricks

Under the cover of the dark web, cyber criminals are refining their sinister methods. And they’re only getting sneakier and more destructive.

Here are three of their most common tricks and how you can avoid getting fooled.

1) You get a dreadful call that your computer is infected

Here’s one of the most common schemes: You receive a call from someone disguised as a technician who claims your computer has a virus, and for $300 they can fix your problem by accessing your machine.

You provide your payment information and login credentials, and it appears that the tech is “fixing” your computer. In fact, they are either doing absolutely nothing, or downloading malware to transmit your personal and financial information. Scary, right?

How do you prevent this menacing scam?

No reputable computer security company or software firm calls to inform anyone that they have a computer virus. Normally, your firewall will display a warning before you access a bad file or site, and your anti-virus software will scan and fix your files automatically. Check with your Internet Service Provider, because you may already be receiving these services at no additional cost.

2) You receive a shocking email

An email pops into your inbox with a subject line that says, “Your payment of $4,890 to PayPal has been approved,” or, “I am NOT paying this invoice.”

You can’t resist the urge to open it; it might seem like you’re on the hook for a lot of money or being accused of something you didn’t do.

Emails with subject lines like these are remarkably successful in luring their victims into opening them. The real danger lies in the links. Clicking on these could open the door to malicious software, with ransomware being the usual suspect.

How do you prevent this sinister scam?

  • Beware of signs that an email is malicious or fraudulent
  • Delete the email
  • If this happens at work, alert the appropriate person or department, so other employees can be warned and protected

3) You are tricked into transferring funds by an imposter

A Business Email Compromise (BEC) can take many forms, but the most prevalent and costly iterations combine insider information (obtained by hacking or social engineering) with emails.

The BEC scam usually starts off with an email that makes a pressing demand. It appears to come from an executive or trusted vendor who is unavailable to confirm the demand.

The sender demands that you transfer funds immediately to facilitate a deal or to pay an invoice. The receiver may be deceived by the sender’s inside information, such as details of a pending deal or specific relationship.

How to prevent this nefarious scam:

  • Watch for emails that demand you make a funds transfer, change vendor information, or supply personal or financial information
  • Before taking action, confirm the request verbally, either by phone call to a known number or in person
  • Alert the appropriate internal contact so that preventive actions can be taken, such as blocking the scammers and raising co-workers’ awareness
  • Report the attempt to the IC3 on their website

Awareness of these cyber tricks is your best defense. Whether you’re home, at work or out using your mobile device – always be on the lookout for cyber threats lurking in unexpected places.

For more helpful tips, visit The National Cyber Security Alliance’s StaySafeOnline website.

 

© 2017 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable coverage form.

Monique Ferraro

Monique is counsel in Munich Re’s US Cyber Practice at HSB. Previously, she was principal at a digital forensics, e-discovery and information security consulting firm and owner of a law firm. Ms. Ferraro is a Certified Information Systems Security Professional.
