Back

Three Cyber Scams You Can Recognize & Prevent

Mar. 8 2022 Important Info By Dealer Spike

Share

Cyberattacks continue to mount against small and mid-sized businesses.  

Protect your dealership from cyberattacks by learning to distinguish routine business interactions from malicious attempts to infiltrate your digital devices.  

Over the last two years, cybercriminals have exploited the gaps and weaknesses of digital business procedures and online security, resulting in a significant increase in cyberattacks. Q4 of 2021 was the peak of cyberattacks (1), and 2022 will unfortunately see a continuation of businesses being targeted by criminals.  

The Dealer Spike team is creating resources to help our dealer partners recognize and prevent cyberattacks. Last year’s cybersecurity guide shared tactics to avoid the five most common email scams. In Q1 of 2022, we find dealers need to know how to address newer and more niche scam tactics.  

Below are three popular cyber scams, accompanied by the steps you can take to deny cybercriminals access to your business information:  

Fake/Harmful Email Attachments  

The basic rule of email attachment is to never open anything that ends in “.exe.” What you may not know is that PDFs and Word documents can also be faked and unsafe. These malicious attachments are sent with the intent to compromise, hack or sneak viruses into your software.  

Know the signs of an unsafe email attachment:  

  • It’s unexpected. Don’t open an email attachment you weren’t expecting to receive if you can’t verify with the sender (through a different platform) that the email is legitimate.   
  • You don’t know the sender. If you don’t know the person or business who sent the email, don’t click on its contents. Only interact with emails that are sent by people you know and trust.  
  • The email address is false. Cybercriminals may try to deceive you by mimicking a legitimate sender, but they can’t duplicate an existing email address. Always check the “from” address for any misspellings or inconsistencies.  

If you received an email attachment you weren’t expecting, but it seems to be from someone you know, reach out to that person by phone or in person to verify the contents of the attachment.  

REMEMBER: Don’t open an email attachment if you don’t know why you received it or who it’s from.  

QuickBooks Invoice Scams  

You may be one of the many businesses who use QuickBooks by Intuit to manage your accounting and send out invoices. Unfortunately, cybercriminals are now leveraging QuickBooks’s popularity to launch BEC scams, where they send an email with a fake vendor invoice to illegally collect your money. Some invoice scams may also require the ACH (automated clearing house) method, in which you give your bank account information as well.  

You can verify a QuickBooks invoice is legitimate when the email is sent from intuit.com. Always check for the intuit.com domain – if it’s not listed or the vendor is the one sending you the QuickBooks invoice, don’t hand over your funds.   

REMEMBER: If you don’t recognize the email sender, don’t interact with the email.  

Over-the-Phone Scams  

Cybercriminals can snag your dealership’s phone number wherever it’s listed publicly, such as your website, digital ads and printed flyers. In an elaborate Google Voice scam, cybercriminals may use your phone number to contact you under the pretense of being a customer, and then they send you a Google authentication code request and ask you to send them the code to prove your dealership is real and not a scam artist (like them). Once they have the code, they can use your number to create a Google Voice account.  

Google Voice generates virtual phone numbers for business and individual use, but it requires a real phone number and authentication code to create an account. Cybercriminals use the new Google Voice number to scam other businesses, and your dealership is flagged as the owner of the account. They may also use the authentication code to access your Google account.  

If you encounter a shopper who wants proof your dealership is real, ask them to call or visit your store – don’t share an authentication code or any other sensitive information.  

Always Look Twice  

Checking and re-checking your emails can be tedious, but it’s the surest way to avoid a cyberattack. Constant vigilance is your dealership’s strongest security asset, and it’s crucial that you stay up to date on cyberattack strategies.  

Dealer Spike is always here to aid you in protecting your business from cyberattacks. Connect with our digital experts today if you’re concerned about your cybersecurity.  

 

(1) Forbes