Keeping up with Federal, State and local legislation, such as privacy laws and other legal issues affecting our work is a primary focus for many of us. We also need to be aware and understand the many threats that affect us all as business owners, managers, and consumers.
Understanding & identifying the threats:
Phishing – one of the most lucrative businesses for identity theft perpetrators. A typical phishing scam is an attempt to obtain personal and sensitive information by phishers who send out emails that have the appearance of coming from a legitimate company. These technologically savvy von artists use a wide variety of sophisticated devices to steal that information from you; these devices may include pop-up windows, URL masks, and keystroke loggers.
Pharming – the cybercriminal acquires your personal information by a method called “DNS poisoning”. The cybercriminal basically hijacks a web site domain name or URL and redirects users to the criminal website where fraudulent requests for information are made.
SMiShing – is an emerging threat to cell phones. You will receive a text message on your cell phone in an attempt to sneak a virus on your device or gain personal information.
Vishing – very similar to phishing scams. These scams rely on using voice over internet Protocol (VoIP) to steal a consumer’ identity. Check out http://www.smellsphishytome.com/what-is-vishing/
Spear Phishing – is basically a much targeted form of phishing. You may receive an email that appears to be 100% genuine from your boss or company, or even your bank (the cybercriminals are now using actual company logos to trick you) but it is instead an email that has been faked or “spoofed” asking you for personal information.
Security is good business…plain and simple. Clients and customers have become increasingly aware of the risk of identity theft and are concerned about their privacy.
If they see that a business is committed to the security of their information they will of course be more like to do business with you. After all, it is the law that companies take proactive steps to secure all sensitive information they possess on their clients.
- Assess your inventory and keep it up to date. Including computers, laptops, disks, files and any other equipment storing your client’s personal data.
- Secure your computers with virus scan software, firewall protection and password protection.
- Keep files, tapes, CD’s and all other sensitive information in a safe and locked area when unattended.
- Shred things you no longer need. Be careful of disposing sensitive data. The dumpster divers are still out there!
- If a security breach occurs, make sure you have a plan to deal with it.
Knowledge is power….Stay alert and top of the latest threats. Learn more on this topic: