Avoiding Phishing Scams
Stratford Management’s head of online security has released an alert to its customers and the international wealth management community to avoid online phishing scams.
With the instance of reported scams and online fraud on the rise, cybersecurity is more important than ever. In particular, sophisticated phishing scams are targeting wealthy individuals for financial gain or to gain access to profitable personal data.
A phishing scam can take various forms of solicitation including emails, SMS, instant messaging, social media notifications, and telephone calls. Phishing communication is often designed to imitate the wording, branding, and logos of genuine companies to appear real. They might look like emails from people or companies you “think” you know.
As leaders in financial planning and comprehensive wealth planning; Stratford Management utilizes the latest in cutting edge online security technology to protect the assets of its clientele. However, this doesn’t ensure protection from external scammers trying to contact its patrons directly. This is why Stratford Management now reminds its clientele that if anyone contacts you from a company or organization (including Stratford Management itself) never volunteer any personal or financial information without first checking the identity of the caller.
Scammers can conceal their true identity and appear as representatives of an organization that you are familiar with or have an existing relationship with. If you’re unsure, end the phone call. Delay responding to any emails that appear to have come from them. Check with a known company representative to see if the contact was genuine.
One of the best ways to avoid falling victim to a phishing scam is to understand how they work. In general, phishing scams can be differentiated into three distinct forms:
This kind of phishing has a low level of sophistication and generally trends to emails or messages sent indiscriminately to a large pool of targets. Your name, for example, may appear as the intended recipient – but the content of the email might not make sense or contain grammar and spelling errors.
Sometimes this kind of generalized phishing can look like a valid mailing list for a topic or product that you may be interested in. These kinds of emails often contain urgent instructions to click on certain links or open attachments. Sometimes the attachment can contain malware. If in doubt, don’t click.
Spear phishing is the term used to describe a more sophisticated form of phishing that is less about saturation, and more about gaining targeted results. With this kind of online fraud, communication will usually be much more specific and target specific individuals within an organization.
Again, the content of the email or other form of communication can sound remarkably similar to the kind of messages you would ordinarily receive from a known vendor or business associate. Beware of responding to any requests for data or money even if it seems as though it comes from a known source. A two-factor identity system can be useful in these situations to make it more difficult for potential scammers to access your profile.
Whaling is a form of phishing that is extremely targeted and aimed at high value targets like high-net-worth individuals, CEOs, and global leaders. Because the security systems employed by this exclusive target are usually superior to lower risk organizations, the scammers will employ extremely advanced software and programming methods to create a security breach. These can sometimes even be enacted through physical acts of identity fraud.
If you believe that you or someone you know has been targeted by a phishing scam, please contact your local authorities to report this crime as soon as possible.
Meanwhile, here are some of the most important online security areas for you to remember when going about your daily personal routine and business transactions.
Cybersecurity Alert Tips
- Be careful of any requests for money. Treat urgent or overdue notices with extra diligence, as scammers will often try to fake a debt collector’s agency letterhead. Always only pay any due amounts using the bank details stated on the original invoice unless you have a detailed confirmation of the change.
- Be careful of any changes to a vendor or supplier’s bank It’s always best to double check with a phone call and a certified bank statement to ensure any listed changes to the bank details are legitimate.
- Be careful of attachments. Install good malware and check the settings so that any downloads are automatically screened before opening.
- Beware of any unsolicited requests to confirm any details to do with login, passwords, or personal information.
- Never share passwords online or by phone.
Stratford Management will never call you asking you to verify or confirm your account details, passwords, or login details. If in doubt, reach out and contact your personal investment advisor.