Is that PayPal email a potential cyber attack?
Cyber criminals know popularity means opportunity.
With PaPal being one of the world’s most popular online payment methods, it’s pretty obvious why a cyber criminal will use this to their advantage.
According to the latest research, paypal was the most impersonated business out of all financial phishing attacks last year.
A Phishing attack is when a person or bot impersonates a trusted person or business in order to get people to reveal personal information such as passwords and banking information.
Last year, almost 3 in 5 attacks pretended to be paypal!
If you or an employee falls for a phishing scam, it can be detrimental to your business.
First let’s look into why cyber criminals would do this, then we will touch on how they are doing it, and finally what you can do to protect yourself and your staff from a possible attack.
Why do Cyber criminals perform phishing attacks?
The answer here is simple.
To get your personal information.
They will use your personal information to gain access to your different accounts to ultimately steal your money.
They also want to gain access to your contacts so that they can continue to target more and more people, and get more money.
How do Cyber Criminals do it?
There are many different tactics cyber criminals use to get their job done.
One of those ways is Phishing attacks.
They will pretend they are someone you trust to get you to open an email from them.
The email may even look like it came directly from them, which makes it very tricky to spot and highly successful for the cyber criminal.
It can be as simple as opening an email or attachment from a cyber criminal and they now have access to your network and device.
From here they will spy on you and collect information, such as a username and password to your bank account or email account.
If they get access to your email account, they can usually get into almost any of your other accounts as well as deploy another tactic.
They will leverage your contact list, pretend to be you, and perform their phishing attack right from your own email account!
There are obvious reasons why you want to avoid running into this situation at all costs, especially for a business owner or executive.
How do I protect my staff and myself?
The first thing you need to do is enable multi-factor authentication on every account.
Multi-factor authentication is where you will use another form of verification to prove you are who you say you are.
Normally, you will login with your username and password, then be prompted to enter a multi-factor authentication code from an app on your phone or a text message.
Multi-factor authentication blocks 95% of attacks on accounts, so this is one of the most simplest and easiest ways to protect yourself.
Second, you need education and training.
You and your staff need to know how to spot suspicious emails and activity, and have a plan in place on what to do if you do have a breach.
Most businesses and companies work with a managed service provider to help them deploy the best protections and policies, provide the education on how to recognize suspicious activity, and be there to remediate in the case of a breach.
Here’s a quick video explaining more about cyber criminals using Paypals name to perform their phishing attacks.
Are you and your staff protected and trained on how to spot different cyber attacks?
We are offering a free no-commitment 15-minute discovery call where our IT experts will audit the cyber security for your business as well as answer ANY question you have.
Click here to book now as this time is usually reserved to help our current clients.