2021 has seen a record year in cyberattacks, with an attack occurring every 11 seconds.
We don’t share this fact to alarm you, but rather to help you and your dealership prepare so that you’re ready if and when a cyberattack targets you.
Over the last year, as people conduct more business online, we have seen cyberattacks become increasingly clever. Cybercriminals target busy organizations in the hopes that a distracted employee will fall into their trap. The good news is that 100% of cyberattacks can be avoided by taking these three steps: Stop. Look. Think.
Here are some of the new cyber strategies that have popped up recently – and the steps you can take to protect your dealership from a security breach:
Unexpected Emails
Proceed with caution whenever you receive an unexpected email from an online service or business. Even if an email looks innocent, it could contain malicious links or encourage you to give up sensitive information.
Ask yourself the following questions: Do you have a membership with this organization (this especially applies to platforms like Amazon or your online bank)? Have you subscribed to their newsletter or signed up for emails? Did you recently enter a contest or bid on an auction?
When faced with an unexpected email, verify its legitimacy in a roundabout way by opening a new web browser and visiting the company website (do NOT click on any website links sent within the suspicious email). From there, log into your account and verify whether any activity has taken place.
Interoffice Correspondence
A skilled cybercriminal can impersonate anyone, including your coworker. Interoffice attacks often occur through chain-of-command – an employee receiving a text or email from what appears to be the manager or business owner. These could seem innocuous, such as asking the employee to send a password or bank account information or make a purchase.
If you receive an email or text from a coworker that seems out of the ordinary, connect with that coworker another way. Text or call their personal number or engage them in person to verify whether they really reached out to you at all.
Business Email Compromise (BEC)
In a BEC attack, the offending party impersonates another business (such as a bank or vendor) to convince you to share sensitive information. Sales representatives and financial departments are popular targets – however, anyone can be a victim regardless of position or department.
To avoid BEC attacks, be suspicious of any emails sent from people you don’t know, even if they seem to represent a legitimate organization. Your first step should be to verify their identity by asking for proof of identity and employment or contacting their organization directly. If you suspect fraudulence, report the email according to your dealership’s protocol.
“Free” Services
In an ideal world, streaming services would be free, but in today’s world “free” is often synonymous with “harmful.” In other words, beware of invitations to stream a newly released film for free. These attacks are becoming more common, and they typically direct victims to a fake viewing platform, where they then request personal and payment information to view the entirety of the film.
How can you avoid falling victim to these scams? Be suspicious of any email, popup ad or social media post that offers a free deal on something you normally would have to pay for. Only stream movies, shows and music from trusted, well-known websites. Instead of clicking on the online ad, visit the official website to get your information.
Avoid Scams Through Proactive Protocol
Have a company-wide protocol in place for employees to identify and report suspicious emails. Train your team to follow specific guidelines so that everyone works together as a team and avoids costly mistakes.
The foundation of an effective protocol is awareness. Ask yourself the fundamental questions: Is the correspondence expected? Is it relevant to you or your department? Can it be verified by visiting the website, logging into your account or contacting customer service? If you answer “no” to any of these, do not engage. Report the email.
Taking a few extra moments to pause, consider and verify emails, phone calls and texts can save your dealership years’ worth of money and stress. Remember: Stop. Look. Think. You’ll be grateful you did.
ARI cares about the security of your dealership. If you’re concerned about facing a cyberattack, please feel free to contact the ARI team today.