As we start the New Year, we wanted to take a moment to share with our Partners and
Merchants key insights regarding Phishing attacks, tips on how to recognize them, and steps you can take to better protect yourself, your processing account, and your sensitive data.
What Is Phishing?
Knowbe4.com, a leader in Security Awareness and Training solutions, describes Phishing as a
process of attempting to acquire sensitive information such as usernames, passwords, and credit
card details by masquerading as a trustworthy entity using bulk email which tries to evade spam
Emails claiming to be from popular social websites, banks or IT administrators are commonly
used to lure the unsuspecting public. It’s a form of criminally fraudulent social engineering.
Some phishing scams involve popular search engines such as Google when attempting to search
for the valid website.
How To Recognize Phishing.
Scammers will often use email or text messages to try and steal your information. They will also
often use a fake Google search link, which will redirect the receiver to a fake website though
looks very similar to the commonly used website.
Here are a few signs that would indicate the message you received is a scam.
- The email has a generic greeting.
- Unexpected email or text message that looks like it’s a company you know and trust, like a credit card processor, but the email address is misspelled or has a “@outlook.com” at the end versus the company name at the end.
- Email or text that asks you to enter or validate personal or financial information.
- Directs you to a website address that appears to be misspelled (example: a Google search for MX Merchant returns https:mxmerchant.com, which is valid, but also returns a misspelled result such as https:mxmerchnt.com.
How to protect yourself from Phishing attacks.
While your email spam filters might keep some of the phishing emails out of your inbox, there
are additional ways to help protect yourself and your business.
- Install security software on each computer.
- Install multi-factor authentication (MFA) on any systems that offer it. Our MXMerchant.com site is now defaulted to require all users to enter MFA as of today.
- Set up strong passwords for your credentials and avoid using commonly used or easily guessed passwords (example: Password1, Welcome1234 and etc).
- Contact the company or sales office you know is real and validate the sender is authentic before opening or clicking on any email or text attachments or links that seem odd.
If you have questions about the information and recommendations shared above, please
contact our Client Services Team at (844) 647-3616.