Data breaches, malware and ransomware attacks are just some of the digital threats that we're constantly watching out for. We stay on top of the latest threats to help keep cybercriminals from ripping you off.
It's not just individuals like you and I that need to be vigilant against cybercriminals though, corporations need to be as well. This is why you might be surprised to find out that two major corporations were recently fleeced for about $100 million.
How Facebook and Google were scammed
The Department of Justice (DOJ) announced last month that a Lithuanian man had been arrested for fraud, aggravated identity theft and money laundering. He allegedly scammed two major U.S. tech companies out of more than $100 million through an elaborate phishing scam. "Fortune" identified the victimized companies this week to be Facebook and Google.
Here's how the scam worked: The scammer forged corporate stamps, email addresses and invoices and pretended to be a foreign tech company that both Facebook and Google does business with. For over two years, the man sent phishing emails to employees of the targeted companies and convinced them to wire-transfer millions of dollars at a time to a fraudulent bank account.
By the time the victims realized what was happening, the scammer had stolen more than $100 million. Yikes! The good news is with help from the DOJ the companies have been able to recover most of the stolen money.
If major corporations like Facebook and Google can fall for phishing attacks, what chance do we have? To give yourself a fighting chance, keep reading to learn how to stay protected.
How to protect yourself from phishing attacks
- Be cautious with links - If you get an email or notification that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
- Do an online search - If you get a notification about something that seems shady, do an online search on the topic. If it's a scam, there are probably people online complaining about it, and you can find more information.
- Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Typically, there are signs that give away that an email is fake. Can you spot them? Take our phishing IQ test to find out.
- Use two-factor authentication - When available, you should be using two-factor authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts. Click here to learn more about two-factor authentication.
- Have strong security software - Having strong protection on all of your gadgets is very important. The best defense against digital threats is strong security software.