Tips to identify scams and maintain data securityTips and best practices to reduce the risk of falling victim to scam emails, text messages, and phone calls.
Identifying scam emails, text messages, and phone calls is essential for protecting your company and yourself from fraud and malicious activities. Criminals now use voice cloning, phishing, and AI technologies like ChatGPT to trick people. The ACCC’s Targeting Scams report revealed that Australians lost a record $3.1 billion to scams in 2022. This highlights the importance of staying vigilant and informed to safeguard against scams.
How to recognise a scam
To help you stay cyber-safe, here are some essential tips and tactics you can use to help you recognise and avoid scams, including protecting yourself from voice cloning.
Pay attention to the sender or caller
Scammers often use deceptive email addresses, phone numbers, or caller IDs to appear legitimate. It is crucial to be cautious of unfamiliar or suspicious contact information. Scammers usually craft tailored emails through free email services like Gmail, posing as internal personnel – often senior management. You should never act on an email originating from a free email account asking you to do anything without first picking up the phone and confirming with the individual who supposedly sent it to you. To mitigate this risk, use and implement closed internal systems such as MSTeams or Slack to communicate within your organisation.
Verify independently through a separate channel
If you receive a message or call claiming to be from a legitimate organisation, independently verify the information. Look up the organisation’s official website or contact them directly using a trusted phone number or email address. Do not rely solely on the information provided in the message. If you receive a suspicious phone call purporting to be from a staff member (or family, friend, bank, government department, etc.), hang up. Call back via a legitimate number to verify their identity. Be wary of unexpected phone calls, even from people you know, as caller ID numbers can be faked. If you receive a call from an automated voice, hang up immediately and block the number.
Poor grammar and spelling
Scammers becoming increasingly proficient in their writing, especially with the rise of technologies like ChatGPT. However, scam messages usually include typos, grammatical mistakes, and awkward phrasing. Legitimate organisations typically have professional communication standards, so errors can indicate a scam.
Urgency and threats
Scammers often create a sense of urgency or use fear to pressure you into providing personal information or taking immediate action. They may threaten legal consequences, account closure, or loss of funds. Be sceptical of such tactics and verify the information independently.
Most banks offer a security guarantee that protects customers from loss due to unauthorised transactions, provided you follow some necessary steps. These include protecting and not giving anyone access to your device, password, PIN, etc., and immediately notifying the bank about any password loss, theft, or suspicious activity on your account.
Requests for personal information
Never give out passwords or credit card details through email, text, or unsolicited phone calls. Only provide personal information if you can verify the legitimacy of the request. Before filling out online forms or subscribing to emails, ask yourself if you need to provide certain information. Do you need to provide your actual date of birth to subscribe to a newsletter? Consider how your data could be compromised and be conscious of who you share your details with. Regularly checking your online accounts and statements can help detect signs of identity theft before it is too late. Remember, being cautious about protecting your personal information can go a long way in ensuring your online safety and security.
Suspicious attachments or links
Avoid clicking on suspicious links or downloading attachments you weren’t expecting. Be cautious of email attachments or links in messages, especially from unknown sources. These can contain malware or direct you to fraudulent websites designed to steal your information. Train yourself to resist the natural tendency to click on things without first checking automatically.
Unusual requests or offers
Be wary of unsolicited offers, especially those promising large sums of money or prizes. Scammers may ask for upfront payments, gift cards, or wire transfers as part of a supposed opportunity. Exercise caution and research the offer thoroughly before proceeding.
Trust your instincts
If something feels off or too good to be true, it is often a red flag. Trust your instincts and be cautious when dealing with unfamiliar or suspicious communications.
Keep your software updated
Ensure your computer, smartphone, and other devices have up-to-date antivirus software, firewalls, and security patches. Regularly update your operating system and applications to protect against known vulnerabilities.
Stay informed about the latest scams and techniques used by scammers as reported in the media and other trusted organisations. Be cautious of evolving tactics and share information with family and friends to help them stay protected.
If you are interested to learn more, look up the following:
- “How cyber-crime has become organised warfare” – a very chilling investigation by ABC Four Corners; and
- “Experts say AI scams are on the rise as criminals use voice cloning, phishing and technologies like ChatGPT to trick people” – a report by ABC News.
By remaining vigilant and adopting these tips and best practices, you can significantly reduce the risk of falling victim to scam emails, text messages, and phone calls.
The following government websites publish helpful information and the latest insights on cyber safety.
How Kilimanjaro Consulting can help you Mitigate Scams
MYOB’s ERP system such as MYOB Advanced is inherently secure; it is essential to recognise that most data breaches stem from compromised login information rather than system faults. Therefore, we emphasise the importance of robust password management, two-factor authentication, and vigilant user training to mitigate risks against scams and unauthorised access.
To maintain security of your data, it is important to establish a well-defined data recovery plan. Planning not only safeguards your data but will also help you avoid the costly and time-consuming processes of data recovery. To further fortify your data’s protection, we recommend the utilisation of row-level security—an underutilised feature within MYOB Advanced that grants users control over data visibility for specific individuals within their organisation. Additionally, the adoption of a secure online payment portal serves to further reduce the chances of falling victim to scams.
Navigate the digital terrain confidently, ensure your financial data remains protected, and your operations continue uninterrupted.