The year has turned once again. The coming months may bring some changes and some things may stay the same. Depending on your philosophical inclination, change can be a good thing, or change may be something to dread. However, what is guaranteed to remain consistent, in fact the creative forces are stronger and more determined than ever: fraud, in all its forms.
Just this morning I received a personal email from a work account of a trusted friend. But something was off about it; the language in the email was strange and I was being directed to open a Google document. I didn’t follow the link, but I was concerned about my friend, so I sent him an email (separate from the one sent to me). Turns out, the email was sent fraudulently. In this case, as in millions of others like it, language can provide an important alert: “Kindly review and revert it back to me.” No one I know writes like that, no one with any sense of idioms anyway. That was the first hint.
There is a constant barrage of fraud attempts, online, via snail mail, brute force attempts, false charities, phishing, spear phishing (my new favorite), all of which are becoming more and more difficult to identify. And they each want what is yours: your money, your financial information – your identity. How may emails have been sent from the Prince of a small, wealthy nation saying there is a large deposit waiting for you? Have you ever had a call from someone claiming to represent the local police asking for donations? Most (if not all) legitimate fundraising for police-related matters is never conducted by telephone. Asking for their tax identification number (TIN) usually brings the conversation to a rapid close.
Since there are so many forces intent on doing bad things, does it mean you have to look over our shoulder all the time? Yes, yes it does. It’s just a fact of life. But it doesn’t have to be so bad, as long as you’re vigilant and aware, and you pay attention.
Some of the items on the list below may seem mundane, and you may have read them before, but to help reduce the risk of fraud, simple steps can be taken.
- Do not EVER write your passwords on a Post-it note and keep it at your desk.
- An IT professional should never ask for any of your passwords. If you are asked for a password, question it, twice. Be aware of this situation.
- Be creative with your passwords, use upper and lower case alphanumerics and special characters. Change passwords on a regular basis.
- If you have access to sensitive data at your workplace, especially if you have administrator rights – never leave your laptop unattended. On a desktop or a laptop, be sure to close any portals to workplace data when you are done and be certain all applications and portals are closed at the end of the day.
- Monitor your personal financial information on a regular basis: bank accounts, credit cards, etc. You can do this by creating secure, online accounts. Although this is a detective control, if you monitor daily, you will identify a problem immediately.
- Be wary of everything that enters your email inbox. Don’t click links if you don’t know the person sending – and even if you DO know the sender, pay attention to language and special requests: verify first!
- Use common sense – always.