Reporting scam attempts

Last newsletter we shared with you the SLAM method. You may recall the SLAM acronym can be used as a reminder of what to look for to identify possible phishing emails. Check the SENDER, verify the LINK, avoid ATTACHMENTS from unknown senders, and scrutinize the MESSAGE contents.

Now that you’ve caught a phish, what should you do about it?

1. Inform your supervisor.

   If you catch a phish at work, informing your supervisor can be an important step in stopping the spread of the scam.

   By making your supervisor aware of the situation, they can provide you with the company’s next steps, and alert the team so that no one else gets hooked.

   Note what the scam entailed, and the address it supposedly came from, but do not forward the email, as this may increase the likelihood of the malicious link or attachment being clicked.

2. Tell IT (internal or external IT provider).

   If you think you’ve caught a work phish, but you’re not entirely sure, some company’s have a "phish tank" where you can forward suspicious emails to IT for further analysis before interacting with them.

   If you think you’ve caught a phish, or are just unsure, and have already informed your supervisor, they may advise you to update IT, as well. By keeping IT in the loop, their department can send our appropriate alerts to the company and help contain any potential threats.

3. Inform Others.

   Finding a phishing attempt in your personal inbox may feel a bit more threatening, as it can come as a personal attack, but know that you’re not alone. Government agencies have online forms that you can fill out to report scams and help fight fraud overall.

   Sharing your experience with phishing attempts with friends and family can also help spread the word about currently circulating scams so that your loved ones don’t get caught next.

Using a personal computer for work could have been devastating

We recently had a client become victim to a ransomware event. Fortunately, we were able to recover all the data from backup, the primary loss was a period of downtime. This event was the first successful ransomware attack on New River Computing infrastructure since July of 2015.

The incident was completely avoidable. In this instance, a user was accessing network-attached storage from home on an unmanaged personal computer that did not belong to the company. This machine was compromised by a bad actor, possibly for some time, waiting for the opportunity to strike. When the opportunity came for a broader attack, the bad actor struck.

In this case, the incident ended with only minor inconvenience and expense. A less protected company network may have led to a devastating and expensive attack—one that many small businesses could not recover from.

It is incredibly important to only access work infrastructure in a safe manner. Generally, that is from a computer that is managed and secured either by your internal IT or a computer managed by an IT company like New River Computing. Please call us if you have questions regarding safely accessing company resources from home, or any location outside the protection of your corporate network.