Let’s be honest, nearly all of us have been victims of a friendly April Fool’s prank at some point. The day (and month!) is full of (mostly) harmless pranks and jokes by friends and family. But let’s not forget that getting targeted by hackers and cyber criminals is also very much a reality. Pranksters love to play jokes on businesses and unsuspecting individuals, but cybercriminals like to take advantage of this time to cause serious security incidents with unforeseen costs.
April fools’ day is not the only day these cybercriminals use to take advantage of people’s naivety and lack of awareness, the frequency of these cyber crimes has actually been growing for a while. With a reported 150% rise in ransomware attacks between April 2020 and July 2021, it is becoming increasingly important and essential for people, especially employees to learn more about how they can protect themselves as well as their organizations from hackers and different types of cyber criminals.
This April Fool’s Day, Storagepipe would like to raise awareness around cyber-attacks, share with you some common examples of the tactics used by cyber criminals and discuss how you can identify scams and protect yourself, your businesses, your employees and your customers.
Let’s get right into it. Here are some of the most famous internet and telephone scams that you must have heard of:
The CRA Scam:
This is a very common scam in Canada, especially during tax season. You might receive calls or emails that may seem to be from the Canada Revenue Agency (CRA). You might be told that you owe taxes or that you are in trouble with the tax department and that you must make payments or give out your credit card or banking information. Sometimes they might even send you links to fake websites that might look exactly like the real CRA website. It is best to just hang up on the call or delete these emails. The real CRA will never call, email, or text you asking for this kind of information.
The Prize / Lottery Scams:
In these types of scams, you might get a phone call or email saying that you have won a prize, such as cash, a car, an iPhone or a vacation. The scammer will tell you that you need to make a payment to collect your prize, and they might ask for your credit card or banking information. You obviously won’t receive the prize that you were promised but now the scammer can make charges on your credit card, or worse drain your bank account. Once you lose the money, you probably will not get it back.
The Nigerian Prince / Emergency / “Grandparent” Scams:
In these types of scams, the scammers pretend to be close friends or relatives in trouble. A very common one is when the scammer pretends to be a long-lost relative who is a Nigerian prince that needs your help to save his life or to move large sums of money internationally. This scam is so popular and successful at reeling in victims that it’s earned the name, ‘cat fishing.’ They might ask you to send money because of an accident, an injury, an arrest, or a robbery. And just like with all the other scams, this is likely just a way for scammers to get access to your bank account. They often target seniors but anyone of any age can be the victim of these kind of scams.
Other examples include phishing, social media account hacking, fake cryptocurrency, fake charities, fake lotteries, fake surveys, fake kidnapping, fake tech support, fake free stuff, identity theft, and the list goes on and on!
Now that we’ve talked about how hackers commonly target individuals and employees, let’s discuss what you could do to prevent yourself from falling for their tactics. Here are some ways you can ensure that you, your data and your systems are protected:
1. Adopt a strong Password Management strategy:
It is always advised to use strong, unique and difficult to guess passwords for all your accounts and devices to ensure your data is protected across all different systems. We understand that it can be hard to remember numerous unique alphanumeric combinations (which aren’t a combination of your dog’s name and your birth date) for different accounts and devices, that’s why we recommend using a reliable password manager service. A secure password manager can automate the process of creating, encrypting and storing individual passwords so that you don’t have to remember dozens of them at all times. Also, don’t forget to keep updating these passwords every now and then as another precautionary measure.
2. Utilize Multi-factor Authentication features:
Using a multi step verification/ authentication process while logging into your accounts and devices adds another layer of security to your data protection strategy. Using a reliable authenticator app or using built in application-based unique one-time-passwords (OTP) through email, text messages or calls are very helpful in this process. They are used to add another layer of protection to prevent access in case hackers somehow gain access to your passwords.
3. Do NOT click on links or attachments from unknown email addresses:
It only takes ONE wrong click to download viruses or give hackers access to your entire computer system. So, if you receive suspicious emails with links or attachments, don’t click on them unless you’re absolutely sure they are from reliable sources.
Storagepipe provides superior protection against ransomware, viruses, malware, spear phishing, email DDOS and undesirable emails. Our Fully Managed Anti-Virus and Anti-Spam Services are just what you need to strengthen your multi-platform threat prevention strategy.
4. Look for the ‘S’ in https:
Continuing with the above listed point, another good indicator of a potential problem is if you receive a URL in an email without the ‘S’ after the http in the link. The ‘S’ literally stands for ‘secure’ and indicates that the website has an SSL (Secure Socket Layer) certificate. You should always hover your mouse over any link to see it’s true destination and if you can’t see the ‘S’, you definitely should NOT click on the URL.
5. Invest in Cybersecurity Awareness Training programs:
The National Security Agency reports that over 90% of cyber attacks are preventable with basic Cybersecurity Awareness Training. So, by just taking a cybersecurity awareness course and keeping in mind all the points listed in this article, you might already be a few steps ahead of those cyber-criminals and save yourself from serious issues and huge losses!
No matter how large or small a business is, it’s a target for cybercriminals. That’s because it can only take a single unwitting click on a phishing link to grant criminals access to everything on a given network and, in some cases, beyond. It’s also why security awareness training and phishing simulations are essential for organizations who want to transform end users from the weakest link in the security chain, into a truly resilient first line of cyber defense.
Storagepipe’s Cybersecurity Awareness Training provides the continuous, relevant, and measurable testing and education that businesses need to minimize risky user behaviors and resulting security incidents.
6. Schedule regular Data Backups:
Storagepipe’s Backup as a Service (BaaS) solutions provide Complete Data Protection for VMware, Hyper-V and Physical Systems among other things.
World Backup Day falls on March 31st every year, the day before April Fools Day, which is perfect timing to make sure all your regular data backups are scheduled are running properly across all devices and platforms. The “I’ll do it tomorrow” approach on World Backup Day could land you in some serious trouble in case you get fooled the very next day on April Fools’ Day!
If you’re not sure where to begin, here’s a guide Storagepipe created with 3 Effective Data Backup and Recovery Strategies to help you plan things better and be prepared with a recovery plan in case disaster strikes! Which brings us to our final point below.
7. Have a Disaster Recovery Plan ready:
No matter the size, location, or industry, organizations need to take the time to put together a well-thought-out and practical strategy for implementing DR best practices and scheduled maintenance.
Organizations should have an easy-to-understand step-by-step guide on what to do in a data emergency so that employees, partners and vendors understand their roles, responsibilities and the resources available to them before, during and after crisis strikes.
Storagepipe has put together a template to guide you through the process and information that you need to gather, assess, and build upon for effective data Backup and Disaster Recovery. Download your copy of our DR Plan Template here!
We hope you can now better understand how common and dangerous cyber threats, hacking, viruses, malware, ransomware and other cyber attacks are. However, more than 90% of these incidents are preventable with the right kind of Cybersecurity Awareness Training.
If you spend some time learning more about how these cyber attacks work, how hackers and scammers approach people, what kind of tactics they use and how you can deal with them, you can prevent cyber attacks and protect yourself from becoming one of their victims.
The World Wide Web is an incredible source of information, innovation, and entertainment! Have fun with it, keep learning new things, all while staying vigilant and safe on the internet!
Learn more about Storagepipe’s Cybersecurity Awareness Training!
Have any questions? Contact Us to learn more about all our services!
Happy April Fools’ Day! We promise we won’t fool you though!