Cybersecurity Blog

Think you won’t ever be tricked? Think again. – 05/03/19

Mount Royal has been targeted by the gift card scam for months now. It seems like every month we receive a dozen or so reports of emails that appear to come from Mount Royal supervisors asking employees if they are available. The scammers hope they will get a response. Once they have one, they attempt to convince the employee to purchase gift cards and send them the redemption codes.

Last week the scammers came very close to being successful. A Mount Royal employee responded to the scammer and was about to go out and purchase gift cards as instructed when they thought they should double check with their supervisor’s admin. This sober second thought saved them hundreds if not thousands of dollars and a lot of embarrassment.

You are probably thinking you would never get sucked in like that. But dollars to doughnuts, that employee who responded thought the same darn thing. When our emotions get engaged, rational thought is bypassed.  Hackers know this, that is why they create emails designed to do just that. You may think you cannot be tricked however when you receive an unexpected email that appears to come from your boss, your emotions get engaged. Rational thought is gone and all you want to do is follow instructions and make your boss happy.

So how do you defend against such an attack? When you open any email, the first place your eye needs to go to is the sender’s information. You need to engage rational thought before emotions can be triggered by what is in the rest of the email.

Check the email address and make sure it is legitimate. If the email address is not a Mount Royal address then you know it isn’t coming from your supervisor and it can be deleted. Only once you have established that the email address is correct do you read the email itself. Remember that the email may still be malicious. Just because it looks like it came from your boss, doesn’t mean it did. Their email may have been compromised. Look for red flags and if anything seems amiss contact your supervisor to make sure they did indeed send the email.

 

Leave a Reply

Your email address will not be published. Required fields are marked *