Phishing attacks at all levels are on the rise.
According to the dictionary, phishing is a way of attempting to acquire sensitive information such as usernames and passwords, credit card numbers and account information, by masquerading as a trustworthy and legitimate company in order to induce individuals to reveal personal information.
Phishing scams have been around for close to 20 years, and their tactics are becoming more sophisticated every year. A majority of these scams used to be aimed at individuals, but more and more phishers are targeting merchants. Merchants tend to deal in larger sums of money, meaning greater reward for a successful scam. So, as a merchant, how can you protect yourself and your company from falling prey to a phishing scam?
1. Look out for “official” emails – The most common form of phishing scams take the form of an official looking email. These often cause panic by claiming your account is under suspicion or being frozen for fraudulent activity. They suggest you click on a link they provide and enter your user information to authenticate the account. Do not click on any links! Rather, open a separate browser page and follow your normal routine to access the real company’s site. Once there, you can confirm with them that all is still well with your account.
2. Be careful about incoming “official” phone calls – The second most common form of phishing scams is phone phishing. Similar to email phishing, an individual will call pretending to be from a legitimate company. They will claim that there is a problem with your account and will ask you to provide account information to confirm your account and clear up the issue. Do not provide this information! Politely decline to answer their questions and hang up. If you are concerned about your account, call the company yourself.
3. Be careful about who has account information – You may take the time to educate yourself about phishing scams, but are your employees as scam savvy as you? Make sure that anyone that has important account information also has the knowledge to avoid dangerous phishing scams. Have regular training sessions, and test your employees for compliance. Organizations like OnSecurity could help you by performing a periodic phishing simulation that can increase employee awareness about such scams and also allow them to identify, avoid, or report any phishing emails or other attacks. The more they know, the safer you will be.
In this age of rapid digital advancement, it’s very important that merchant services keep updating themselves on digital data security. When it comes to dealing with large amounts of money and other sensitive financial information, it is best to follow the saying ‘Prevention is better than cure’. So, make sure that your organization finds ways to stay one step ahead of any attackers and other malicious entities.