IT security is not just installing firewalls and making sure your antivirus is up to date (or that you are using antivirus). It’s an overall plan and part of that is how each user deals with IT. Educating users on how to handle emails that look legitimate, how to deal with a phone call where someone is telling you that you need tech support is all part of the plan.
We constantly get calls from people who are suspicious of a call or email received where they are instructed to give information such as login credentials, credit cards, or telling them to log in to a site to gather information. Let me list some examples:
- You get an email from Wells Fargo telling you that your password is about to expire, and you need to login to change it. Just click this link.
- Microsoft is calling to let you know that your antivirus is outdated, and you need to update or renew it, or, that your computer is reporting an error.
- Your state’s Unemployment Commission has issued new rates for this year and you can click on the link to download the info
- You get an invoice from a friend who never sends you an invoice. You open it to see what it is.
- You get an email from a familiar source with one word in the subject, “Interesting”, in the body is just a link. No other text.
If you have a Wells Fargo account, when you log in, a notice will let you know that you might want to update your password. Wells does not send an email like that. Don’t click the link! This is a scam to get your login credentials. The link takes you to a place where you must type that in. Once you do, they have access to your account.
Microsoft never calls to tell you that you need tech support!! They don’t have enough people to monitor everyone’s PCs. Hang up! DO NOT GIVE ANYONE REMOTE ACCESS TO YOUR COMPUTER.
The Unemployment Commission sends letters documenting whatever information you need, or, you can log into their portal to find whatever you need, or, you can call them.
If you get an invoice from a friend, don’t open the attachment; call them and ask if they sent it. If they didn’t, then you know their computer or email service is compromised.
If you get an email with no text, just a link, call the familiar source and ask if they sent it. Otherwise, delete it. Do not open it.
These are just a few of the wide range of scams used to get your info, to destroy your data or steal your identity. The most important tool is educating everyone about what to do, to be cautious, to think about it before clicking on it. The best services in the world can’t stop a user from making a mistake like this. To protect your company, your assets, and your data, educate everyone all the time.
Robert Lane
President/Owner
ASE, Inc.
Getting you ready for tomorrow today
703-273-8388 ext 111
ASE, Inc. is an IT technical support services and consulting firm in the Washington DC Metro area. Since 2000 ASE has focused on providing outsourced IT department services to small and medium businesses as well as providing senior level expertise designing, installing and managing complex networks as well as security consulting to very large entities in both commercial and federal markets. Call ASE today – 703-273-8388.