I think of myself as pretty computer and internet savvy, so when I almost fell for a phishing scam last week I was shocked. It went down like this. I had placed an order through a well-known company and provided my phone number to get delivery updates. A few days later I got a text asking me to confirm my shipping address through the USPS system. Although I didn’t recognize the phone number, I assumed it was related to my order and so I clicked the link. The page that came up looked identical to the USPS website so I started to fill out the form, then paused. Something didn’t seem right. Usually, when I’ve been asked to check my shipping address, the system offers what I entered, as well as their suggested take on what needs to be fixed. This form was blank. Then, I looked up at the address bar to make sure I was on the actual USPS site. I was not! The address was www.delivertow.com. Just to double-check my suspicion, I did a Google search for www.delivertow.com, and sure enough – SCAM.
Phishing continues to present a substantial risk and is often cited as a top security concern. There are increasingly sophisticated attacks using deceptive emails, messages, ads, or sites that look similar to sites you already use and they prey on the weakest link in the security chain: people. And, business websites can be easy targets for phishing/ hacking scams. As website experts, we have seen it happen before.
So, just a friendly reminder to second guess anything with the following red flags:
- Asks for personal or financial information.
- Asks you to click links or download software.
- Impersonates a reputable organization, like your bank, a social media site you use, or your workplace.
- Impersonates someone you know, like a family member, friend, or coworker.
- Looks exactly like a message from an organization or person you trust
- Contains misspellings and grammatical errors
- Conveys a sense of urgency or threat
- Shows links that don’t look quite right
- Sounds too good to be true
If you’re ever unsure, don’t hesitate to reach out to a trusted friend, or family member, or call us. If it’s been a while since the security on your website has been reviewed, contact us. We may be able to upgrade the anti-hacking protection to prevent issues. And, although we hope it never happens, Dynamics Online can also decontaminate hacked sites. In the meantime, protect yourself from scammers by being alert, informed, and sharing your encounters with scammers to help others be more aware.