Industrial Development Company of Puerto Rico was hit by a phishing scam which cost the government agency more than $2.6 million.
According to this report the phishing scam started targeting the company in January and the government-owned organization performed the transaction on January 17th.
The organization allegedly received an email alleging a shift to a bank account linked to remittance payments, which is a transfer of money to a person in their home country.
The agency lodged a police complaint about the scam, but further concerns about how the scam was discovered, whether the activities of the agency have been compromised are still unprecedented.
Phishing attacks have evolved to such an extent that the statistics relating to this subject are quite disconcerting. According to the FBI, in 2019 alone IC3 received a total of 467,361 complaints with reported losses exceeding $3.5 billion. Phishing and Data Breach were among the most prevalent crimes reported last year.
Tips to avoid Phishing scam
- Train Employees
Any organization is only as strong as its weakest employee, so it is necessary to train and educate staff regarding phishing. This training really needs to be delivered on an ongoing basis as well, and they should be educated with different methods for maximum reach.
Use Phishing Simulation services like PhishGrid to train and educate users regarding phishing attacks and attempts.
- Avoid Shortened Links
Everyone has seen great offers/links on different social media platforms and some of them are useful. Avoid these types of links unless you’re sure about its authenticity.
- Verify Site Security
Whenever you’re entering sensitive financial information or any form of private data, it is essential to verify the security of the site to which you are submitting it.
- Be Vigilant
When dealing with phishing attacks the key is simply to be sensible and vigilant at all times. Never click on the links, download files, or open any email attachments without confirming their authenticity.
- Use Anti Phishing Solutions
TIKAJ provides an end-to-end Anti-Phishing Solutions, from monitoring & detection of phishing incidents, through to the site take-down incident response and take-down of an incident. Using in-house developed machine learning algorithms we detect, analyze and proactively dismantling the systems and illicit services cybercriminals depend upon to carry out phishing attacks.