How to spot an online phishing scam and avoid getting hooked
Online scams remain a common problem across Canada, and farmers aren’t immune.
According to the Canadian Anti-Fraud Centre, Canadians lost over $40 million to online scams in 2020, and phishing continues to be used in most cases.
Phishing scams are typically misleading and deceptive emails or text messages that falsely claim to come from legitimate organizations like banks, businesses or governments, according to CAFC.
Farmers as targets
While usually carried out over email, phishing has also spread elsewhere online like social media, and this year, scammers included drought-affected Western producers among their targets.
“Because of the dry conditions on the Prairies, farmers were seeking hay for their animals,” says Wes Lafortune, Better Business Bureau media and communications specialist. “Scammers would post ads for hay for sale online and then ask for payment in full, or at least a 50% deposit. Once paid, the scammer disappeared.”
The scams aren’t limited to individuals, either. One agricultural conference organization almost lost close to $200,000 in 2020, but the fraud was detected before the money vanished.
Are you being phished?
Beware of unsolicited text messages and emails asking you to click or tap on a link or attachment.
Beware of unsolicited text messages and emails from individuals or organizations asking you to click or tap on a link or attachment, CAFC warns.
Signs of phishing include spelling mistakes in an email address or message, says Jennifer Hogan, a senior security analyst within the IT division of FCC. Phishing messages are likely to include offers too good to be true and attempts to trigger a sense of urgency to respond quickly, she says. Hogan says to also look out for requests for personal, financial or login information.
CAFC recommends that with email, verify hyperlinks behind the text in a link or a button by hovering over the words, but avoid clicking on any links or attachments, as they may contain viruses or spyware.
Hogan suggests further steps to take:
- Use password managers (a computer program that stores, generates and manages passwords for online services) to secure your passwords instead of writing them down
- Configure multi-factor authentication (an electronic authentication where password-protected accounts can only be accessed after successfully presenting two or more pieces of evidence, like two security questions, or granting access through a second account) when provided with the option
- Complete data backups
- Remove administration rights (where someone else has privileges to perform most, if not all, functions within an operating system on a computer)
Have you been hooked?
Hogan says you may have been phished if you observe:
- Passwords that no longer work
- Odd behaviour on your computer, like the fan running more frequently, apps crashing and a sudden general slowness
- Unusual charges on credit cards or bank account withdrawals never made
- Files no longer open, and a ransomware message displays on your screen
If you are a victim of a phishing attack, Hogan advises letting your financial institutions know immediately. While they monitor accounts, she stresses changing your passwords and adding multi-factor authentication (like Google authenticator) if possible.
Hogan notes that once you’re hit with ransomware, where the contents of your computer are held for ransom and not released until a fee is paid, you cannot clean your system and will be forced to wipe your computer and reload the operating system and apps.
If you lose money, Hogan says to contact the CAFC through its Fraud Reporting System, or by calling 1-888-495-8501. Also consider signing up with a credit monitoring service like Equifax, she advises, to track how your personal information may be used in the future.
Farmers are at as much risk of online phishing scams as anyone else. Know the signs of phishing attempts to avoid being hooked. Steer clear of unfamiliar text messages or emails with links or logins, use multifactor authentication and complete data backups. All are steps to thwart fraudsters from gaining control of your computer systems or your financial accounts.
Article by: Richard Kamchen