Phishing Emails and Phone Scams
Criminals are constantly at work trying to steal your personal information.
Recently customers of GRM Networks have been the targets and recipients of a slew of phishing emails, a form of cybercrime where cybercriminals pose as a trusted source and use email messages to trick unsuspecting email users into giving the cybercriminals their personal information. Cybercrimes also include phone scams known as vishing, text messaging scams known as smishing and pharming which is when an Internet user is sent to a fraudulent website with intent to steal the user’s information.
Several customers have recently reported receiving calls from numbers that appear to be from GRM Networks or other local numbers. The caller asks the customer for personal information, such as their social security number or credit card information. These calls are not from GRM Networks! Do not give your personal or banking information to anyone who calls and asks for it. When in doubt, hang up and call us directly using contact information on your bill.
According to the FCC, “spoofing” is when a caller deliberately falsifies the caller ID information to disguise their identity. They may spoof a number from a company or a government agency that you may already know and trust, then try to scam you into giving them money or your valuable personal information.
- Always be suspicious and never assume an unexpected call is legitimate.
- Don’t give out personal information.
- Hang up and call back using a number you can verify on a bill, statement or official website.
January 28 is Data Privacy Day
Linked below are some helpful tip sheets for managing your personal data:
Are you using a connected device such as a wearable or personal assistant? Ensure you are managing your personal data with these tips.
Find tips for raising privacy-savvy kids here.
As a company, what are you doing to protect your customers’ data? Learn more here.
Cybersecurity Tips for After the Holidays
Ensure personal information is kept personal on the new tech gift unwrapped this Christmas with these simple cybersecurity tips:
- Set the device, and its applications, for automatic updates
- Enable automatic updates for anti-virus and anti-malware
- Setup regular data backups
Continue the device’s setup by only downloading safe software or apps. Before downloading anything, research the software to determine if it is reputable. Select software or apps that have a large number of good reviews and offer regular updates and patches.
Setting a strong password is another crucial measure to ensuring the device is secure. A strong password includes:
- one lowercase letter
- one uppercase letter
- a special character
- a number
- 12-15 characters in length
Further embrace security and enable multi-factor authentication when available. Consider using password recovery; this tool could help regain access when passwords are forgotten.
If this device is new from the manufacturer and replaces an older device, be sure to safely discard the older device. This includes:
- signing out of all accounts
- going into account portals and deauthorizing this old device as an authorized device
- complete a factory reset
- remove any additional peripherals such as an SD card, or memory card, that has been added to store photos or other materials
- dispose of the old electronic device by following local guidelines
Post Holiday Shopping Cybersecurity
Continue cybersecurity vigilance post holidays by carefully reviewing bank and credit card statements. Contact the vendor or financial institution if there are charges that are in question.
- Regularly review transactions on all accounts including online subscription services
- Setup account alerts to be notified of potential theft or unauthorized activity
- Do not open unsolicited email
- Be cognizant of phishing attempts and post holiday scams. Scammers never take a vacation. If it sounds too good to be true then it probably is
Consider cybersecurity as part of a New Year’s resolution by incorporating these simple tips into the daily routine.
We are Here to Help
If you receive a suspicious communication that appears to be from GRM Networks, LTC Networks or SCC Networks but you are not sure if you should respond, please contact us by calling your local business office or the 24/7 Technical Support Helpdesk at 800-721-2577.
- GRM Networks Bethany Business Office: 800-551-1930
- GRM Networks Leon Business Office: 800-551-1940
- GRM Networks Princeton Business Office: 800-451-2301
- LTC Networks Business Office: 877-742-5553
- SCC Networks Business Office: 800-782-7932
Tips to Help Identify Fraudulent Emails
Scammers are very good at making their phishing emails look like legitimate emails from the company, which they are targeting. However, the messages may contain identifying characteristics such as:
- Misspelled words in the text
- “login to upgrade yur account”
- GRM Network
- Fragmented sentences
- “Download attachment and …”
- Missing punctuation
- “… failure to cancel termination will result in the closure of your account”
- Non-personalized salutations and closings
- “Dear user”
- “Dear grm.net user,”
- “Sincerely, the GRM Internet Team”
- “Thank you, GRM Network”
- “Thanks, GRM Upgrade Team”
- Threatening language
- “Act now or your service will be terminated immediately”
- “Account de-activation in progress”
- “Final reminder”
- Tempting offers
- “You’ve just won a free vacation!”
- Instructions to click links
- “Click here to claim your prize!”
- “Sign in here to cancel the termination”
- Instructions to provide personal information
- “Complete the attached form”
- Requests for immediate action or services will be terminated
- “Failure to cancel termination will result in the closure of your account”
- Attachments for review
- “Click here to review your current agreement”
- “Download attachment and login to upgrade your email account automatically.”
Helpful Advice to Navigate Suspicious Emails
Cyber criminals communicate to unsuspecting recipients posing as other companies, not just GRM Networks. If you suspect you have received malicious communications from any company, follow these tips:
- Do not open the text or email if the sender is not familiar.
- Do not click any links in the text or email.
- When in doubt, reach out to the sender or caller through a trusted method such as their website or phone number on record.
- Never respond to the sender of a suspicious message.
- Move the phishing email to your email’s ‘spam’ or ‘junk’ folder. Steps to do this will vary depending on your email provider. Directions for customers using the GRM Networks’ platform are found at grm.net/wp-content/uploads/5-Tips-Junk-Folder-and-Spam-v2.pdf.
Report suspected scams to the Federal Trade Commission (FTC) by following these steps as found on the FTC website at https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
What to Do if You Clicked on a Link in a Phishing Email and/or Provided Your Information
If you responded to or clicked on a link in a phishing email and are concerned or think that scammers now have your personal information such as a credit card number, Social Security number, bank account information, password logins, etc. go to www.identitytheft.gov. This site assists identity theft victims with reporting the crime and with developing a recovery plan. If you provided any personal information, it is a good idea to monitor your accounts and identity.
If you think your personal information is compromised, you should immediately update your computer’s security software and run anti-virus and anti-malware scans. Also change the password on the account you provided the information for, as well as any other accounts that use the same login or password. It is a good idea to run the scans before entering the new password on the device. However, you can contact GRM Networks while the scans are still running, and we can help change your email password immediately to prevent unauthorized access.
GRM Networks email customers who think your email account information may be compromised should call our tech support at 800-721-2577 or visit www.grm.net/email/ for instructions on how to change your email password.
Regularly changing your passwords and monitoring your identity is a good habit to maintain on a regular basis, even if you are not aware of a specific incident in which your personal information may have been stolen.
Cyber Smart Educational Videos
The following are links to educational videos that provide overviews on malware and helpful tips to check devices for malware and suggestions to help protect devices.
FTC How to Protect Your Computer from Malware: https://www.consumer.ftc.gov/media/video-0056-protect-your-computer-malware
ISO Institute: What is Malware? https://www.youtube.com/watch?v=Lx6MpDCVxi0
Dell Support: What is Malware? https://www.youtube.com/watch?v=tKZBf-WNM8Y
Dell Support: 5 Ways to Check for Viruses https://www.youtube.com/watch?v=rdG-rBKZrFw
Listed below are numerous links to trusted sites including XMisison, the Federal Trade Commission (FTC), the Federal Bureau of Investigation (FBI), the Federal Deposit Insurance Corporation (FDIC), the AARP and the state of Missouri Cyber Security Team that contain helpful information:
Google and F-Security
www.youtube.com/watch?v=R12_y2BhKbE Stay Safe from Phishing and Scams — Google Education
www.youtube.com/watch?v=25G4tLVH1JE Teach Students About Internet Safety and Privacy — Google Education
www.youtube.com/watch?v=X-FTGkss_k0 Online Safety On The Go — Google Education
www.youtube.com/watch?v=hZbgnFeXlr0 Social Engineering/Cyber Security Crash Course
www.youtube.com/watch?v=WpaLmeHTp3I What is Phishing and How do I Protect Myself — AARP Online Learning Videos
www.youtube.com/watch?v=gUHiGqiBo3g WiFi Safety — AARP Online Learning Videos
Missouri Cyber Security
Glossary of Terms
Malware — software designed to damage a computer or device and downloaded without the owner’s knowledge or permission.
Pharming — when a hacker or “pharmer” manipulates the website’s traffic and sends an Internet user to a fraudulent website to gain access to the user’s personal information.
Phishing — cybercriminals pose as a trusted source and use email messages to trick unsuspecting email users into giving the cybercriminals their personal information, user names, passwords and credit card details.
Smishing – the use of text messaging by cybercriminals to pose as a trusted source and trick users into giving the cybercriminal their personal information.
Spoofing – a fraudulent attempt by a criminal to make a phone call or email appear to come from a number or mailbox that is not the originating phone number of mailbox. Criminals can make an email message appear to come from any email address they choose and can also make a phone call appear to come from any phone number they wish.
Vishing – cybercriminals pose as a trusted source and use phone scams by way of a phone call or phone message to trick the message recipient into giving the cybercriminal their user names, passwords, credit card information and other personal information.