Hackers take advantage of current events and trends. This time of year, the majority of people are preoccupied with the holiday season: ordering gifts and supplies, planning meals, family trips, and the like. Unfortunately, that means opportunities to become targets have just increased.
Here’s a typical scenario: You receive a text with a coupon for Home Depot. Hey, you still must get your brother a present, and wouldn’t something from Home Depot be perfect. You get ready to click on the link to claim your 10% off coupon, and you realize the phone number the text came from doesn’t look quite right. It’s a (220) number, and you think Home Depot would probably send from a 1-800 number.
Then, you realize you never signed up for Home Depot text alerts in the first place, so you quickly move your hovering finger before it can click on what you now realize is a nasty link.
Oh, and with all the online ordering you’ve been doing, those delivery updates via email and/or text are awfully helpful. Oh wait…. This text that just came through said there was a problem with the delivery and to click here for updates….
While security awareness training can help you identify phishing attempts and potential cyber threats, slowing down and common sense can be your best defenses in the heat of the moment.
Here are a few checks to mentally perform whenever you receive an email, text, or phone call that seems a tad bit off.
- Look at the sender’s information (email, phone number). Does it make sense? Emails from Home Depot will probably come from the HomeDepot.com domain. Hackers cleverly disguise their domains so that at that first, rapid glance, they look legitimate. Often, the fake domain might replace look-alike letters (a zero for the letter “o” for example) so that your brain automatically sees what the hackers want you to see.
- Did you sign up for a newsletter, alerts, or notifications from the sender? In the above Home Depot coupon example, I realized I never signed up for Home Depot notifications. I shop exclusively at Lowe’s.
- Take a few deep breaths and think it through. Did you ever order Norton Antivirus in the first place? If not, then the email that the renewal just went through and your credit card has been charged is fake.
- If the notification passes your first tests, go straight to the site and check the status of your order, information, delivery, or updates there. If it’s a valid notification, it will show up in your account.
In this day and time, you can never be too careful.
Happy holidays from Duffy Compliance, and we hope that you have a safe and joyful holiday season and a prosperous new year.