Clearwater 2/24/2011 2:36:47 AM
News / Internet

CRI Urges Computer Users to Protect Themselves as Phishing Scams Rise

Dear Sir, I am a Nigerian Prince writing to you for help, as you are the only one I can trust….

According to M86 Security Labs, the amount of unsolicited emails, or spam, received in America has gone down by one-third in 2011. However, instead of being a welcoming relief to email users, it appears that spammers have gotten smarter, and the amount of phishing has gone up. “You have to protect yourself and your company. By falling for a phishing scam, your company could lose hard earned money,” warns David McCraney, a Technology Consultant and Certified Information Systems Auditor at Carr, Riggs & Ingram, CPAs and Advisors (CRI). “One of the best ways to protect yourself is by getting educated and educating your employees.”  Phishing is an attempt to gather valuable personal data, such as social security numbers, passwords, credit card information or bank account numbers, through email. 

“There are many suspicious warnings that you are being targeted by a phishing scam,” says McCraney. “The classic example is the Nigerian King who needs your help – and your bank account number. But many attempts are less obvious.”

A phishing email will impersonate a creditable source, and ask for valuable data. This is not only disastrous personally, but can be catastrophic for businesses and firms.  Phishing attempts can range from an email stating your Fed Ex package was returned undelivered to a phony message from an email provider requesting you change your password, to a notice from your bank. For instance, a recent Netflix phishing scam asks Netflix users to update their credit card information by clicking on a link included in the email, enabling phishers to gather valuable credit card data.

Here are some of McCraney’s tips to help companies and their employees avoid becoming the victim of a phishing scam:  

·         Do not respond. A financial entity will never send you an email to confirm your account information. They already have the information, and they have no reason to confirm it.

·         Be on the lookout for emails from contests you have never entered, banks you have never signed up for, or other services you have never used. If you have not done business with the entity sending you the email, it is most likely a phishing scam.

·         Be on the lookout for emails from governmental agencies such as the IRS, Social Security Administration, and others. These agencies never send unsolicited e-mails or ask for personal identifying or financial information via e-mail.

·         Do not let your employees use their business email address for personal use. 

·         If you have doubts about the email, contact the company via telephone where the email is saying it is “from”. If you have an account with Bank of America and receive and email from them that seems suspicious, call up the company and see if they really did send out the email.

·         If you do have an account with the entity, never click on the link in the email. Instead, use the entity’s login link on their website to access your account.

·         Use a spam filter. Since phishers send out emails by methods similar to spammers, a good spam filter on all corporate email accounts can catch a majority of phishing emails. However, you should still be wary of suspicious emails should they manage to get through your spam filter.

·         Do not post company email addresses on the internet unless it is scrambled (for example myemail [at] emailprovider.com instead of myemail@emailprovider.com) or on a secure site. Many phishers troll the internet looking for email addresses. If you would like customers to be able to contact you through your company website, the best way is to include a form for customers to fill out, instead of providing your email address.

CRI’s proprietary controls have made the company the number one choice for many firms seeking to protect themselves from the idle malice of hackers seeking amusement or financial and personal gain.

While CRI services the Construction, Manufacturing/Distribution, Not-for-Profit, Government, Banking, Healthcare and Professional Service industries, McCraney states that more industries are seeing the need for better IT peace-of-mind. 

For questions on the security, or risk, of a company’s IT infrastructure, David McCraney can be reached at CRI’s Tampa Bay location via 727-446-0504.

About Carr, Riggs & Ingram, CPAs and Advisors:

CRI is ranked 34th nationally and 4th regionally in Accounting Today’s top 100 national firm listing. Today, CRI has over 600 employees in 24 offices throughout Alabama, Florida, Georgia, Louisiana, Mississippi, Tennessee, and Texas and is recognized as one of the fastest growing firms in the United States. CRI offers comprehensive tax, audit, and consulting services to both businesses and individuals. For details regarding their service and industry specialties, please visit www.CRIcpa.com.

 

# # #