October is both Cybersecurity Awareness Month and National Cooperative Month. Safety is one, if not the most important subject of electric cooperatives. It is of the upmost importance to Lane-Scott Electric. Cybersecurity is a safety measure that has become increasingly important in recent years. We want to make sure you, as members and community are aware and prepared for the many dangers that exist.
Phishing, spoofing, website or app fraud, and other attempts at cybercrime are on the rise. In recent months, people’s lives have become more dependent on the internet and hackers are taking advantage. You are the first line of defense against recognizing these cybersecurity threats
Don’t Fall for a Phish!
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card info by disguising oneself as a trustworthy entity, typically carried out by email spoofing, instant messaging, and text messaging. It often directs users to enter personal information at a fake website which matches the look and feel of a legitimate site.
How to spot a Phish:
- The email asks you to confirm personal information. It may be asking for information such as banking details or login credentials. Do not reply or click any links. If you think the email is genuine, contact the organization or go directly to their website. Do not use any communication method provided in the email.
- The web and email addresses don’t look genuine. Often a phishing email will come from an address that appears to be genuine. Criminals aim to trick you by including the name of a legitimate company within the structure of email and web addresses. At a glance they might look legit, but have bogus variation intended to appear authentic. For example, @mail.airbnb.work as opposed to @Airbnb.com or Yah00.com instead of Yahoo.com
- It’s poorly written. Spelling and grammatical mistakes, as well as strange turns of phrase, often signify the email is a phish.
- There’s a suspicious attachment. Alarm bells should be ringing if you receive an email from a company out of the blue that contains an attachment, especially if it relates to something unexpected.
- The email content will instill panic in the recipient. The email may claim your account has been compromised and you need to take action to remedy the situation.
Website or App Fraud
Website address and smart device app fraud has become more popular with hackers as the way we use the internet has become more diverse. A malicious party will impersonate websites or apps, making them look legitimate. Once this happens, they often use phishing campaigns to easily get information from customers of the legitimate website.
Precautions to take:
On Your Smart Devices:
- Avoid downloading apps from ads or pop-ups. The safest way to download apps is from your App Store or Google Play.
- Never download apps from text messages.
- Never Open Strange Texts.
- Be careful of using unsecured wireless networks.
On Your Computer:
- Pay attention to the address bar of the website. Look for the address to include https:// The “s” stands for secure and indicates the website uses encryption to transfer data, protecting it from hackers. Websites with just (http://) aren’t a guarantee that website is a scam, but it’s something to watch for.
- The web and email addresses don’t look genuine.
- Watch for poor grammar and spelling.
- Look for reliable contact information on websites.
- Look for several ways to contact the company and try them out. Does anyone ever answer the phone? If the only method of contact is an online email form, proceed with caution!
- Use only secure payments when shopping online. If a website requires you to use a wire transfer or money, stay clear! Even if the rest of the site looks legitimate.
- Walk away from deals that are too good to be true! They most likely are.
- Beware of Pop-Ups. An inundation of ads or pop-ups can indicate that a site isn’t secure. Ads themselves aren’t an indication of a problem, but if there are more ads than content, or you have to click through several ads to be redirected to the website, you have cause to be suspicious.
- Run a Virus Scan. The best way to protect yourself is to install antivirus software on all your devices and keep them up to date.
- Be cautious of links sent through emails and texts from unknown sources.
- Do some research before going to a website. You can quickly check through the Better Business Bureau. If there are no reviews or a lot of negative reviews, beware.
- Review your browser securities.
Don’t Be Spoofed!
Email Spoofing is the creation of email messages with a forged sender address. Often these emails include a link that installs malware on the recipient’s device if clicked. Once clicked, they have access to your credentials, computer information and email contacts, which will then be spoofed as well. Then, they can create another forgery using your email header, so the message appears to be sent from you.
How To Spot Spoofed Emails:
- Multiple hyperlinks throughout the document
- The mail address or extension of the person is incorrect. For example, the email will be .net instead of .com
- Incorrect information within the email
- Misspellings and abbreviated words
- Salutations not normally used by the recipient. Consider who the email is supposedly coming from. Is that normally how they would speak to you?
- The email content will instill panic and require an action be taken. “Click Here to avoid additional fees.” Or it will ask you to perform an action to get something rewarding. “Win a free… by clicking.”