How to Safeguard Against Phishing Emails

Governor Abbot alerts the public that "The United States is on high alert for enhanced potential Russian cyberattacks targeting critical infrastructure and private businesses across the country, including in Texas. Protecting the state of Texas from cyber threats during this time of Russian aggression is paramount." As such, now is a time to review how you handle phishing emails.?

Phishing is when attackers send fraudulent emails to try and trick the recipient into revealing sensitive information. It is also something of which you and every member of your staff should beware. Scammers will use email or text messages to trick you into giving them your information, your customers' information, or your business's personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could access your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they're often successful. The FBI's Internet Crime Complaint Center reported the loss of over $50 million annually to phishing schemes. Scammers will often update their tactics.

TIPS TO AVOID PHISHING SCHEMES

Phishing emails and text messages may look like they're from a company you know or trust. They may look like they're from a bank, a trusted vendor, a credit card company, a social networking site, an online payment website or app, or an online store.?

Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may:

• say they've noticed some suspicious activity or log-in attempts
• claim there's a problem with your account or your payment information
• say you must confirm some personal information
• include a fake invoice
• want you to click on a link to make a payment
• say you're eligible to register for a government refund
• offer a coupon for free stuff

WHAT TO DO IF YOU SUSPECT A PHISHING ATTACK

If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me?

If the answer is “No,” it could be a phishing scam. Remember the tips to avoid phishing schemes discussed previously. If you see them, report the message and then delete it.

If the answer is “Yes,” contact the company using a phone number or website you know is authentic, not the information in the email. Attachments and links can install harmful malware.

HOW TO REPORT PHISHING

Reporting a phishing email is essential in combating fraud. To report a phishing email, you should forward it to the Anti-Phishing Working Group at?[email protected]. If you suspect you received a phishing text, you can forward it to SPAM (7726). And report all phishing attacks to the FTC at?ReportFraud.ftc.gov.

WHAT TO DO IF YOU RESPONDED TO A PHISHING ATTACK?

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer's security software. Then run a scan.?

This information about phishing attacks appears in TIADA's course, “Dealerships and Customer Information: Complying with the Safeguards Rule.” To stay compliant with the FTC's Safeguards Rule, dealers are now responsible for ensuring their employees are trained in protecting customer information. For more information about the course, please?watch our video?or visit?https://www.txiada.org/safeguards-rule, or enroll today on?the Dealer Education Portal.