You’re likely no stranger to ‘phishing’ if you’ve owned an email account at any point over the last 20 years. For many of us, they’re a reminder of a simpler time in the internet where Nigerian princes wanted to send us money. Most people exposed to these early ‘too good to be true’ messages quickly developed the necessary scepticism to sniff out a scam. The major account providers; Google, Hotmail and Yahoo refined their abilities to filter out spam before it ever reached an inbox.
The problem never went away, though. If you have a business that you’re marketing in 2017 you’ll almost certainly have your digital cylinders firing across your website, social media presence, email lists etc. We’re reaching more people than ever before through digital and it’s thanks to the mobile phone. Hand held devices have unlocked huge market of new customers that previously weren’t ‘tech savvy’. My 7 year old niece has an iphone and my 70 year old neighbour listens to Spotify on a Samsung Galaxy. The problem is – this new untapped market never had the early exposure to the world of spam and scam that the rest of us did. This has created a fresh target for opportunistic scammers.
While big business scams attract most of the media attention there’s actually an increasing trend of phishing attacks targeting small businesses. It’s a threat that any of us may have to face and the damage done to your business post-attack can be catastrophic. The three strategies below will help you protect your customers if you implement them.
1 – Understand how phishing actually works.
There’s a few different ways this can happen but most commonly it’s a fraudster pretending to be your business, sometimes crudely and sometimes very cleverly. They typically buy a similar sounding domain to your own, adding a prefix or suffix to your brand name such as www.”yourbrand”-support.com.
The major objective of the phishing email will typically be to click a link they’ve provided in their message. Of course the scammers provide a link that looks genuine but in fact is a mask to a different URL that continues the scam. This is particularly effective on mobile, as it’s much harder to view the destination of a url compared to a desktop machine using a mouse (where simply hovering over the hyperlink reveals the true URL destination.
The best way to combat this is to have the best possible protection of your customer’s personal information. Phishing attack success rates sky rocket if they’re able to actively target people who have an existing affiliation with your brand (past customers, marketing mailing lists, social media followers etc.) These people are more likely to trust a message from “you”. If you protect this information well then phishing relies on ‘blanket mailing’ a wide range of people (typically from bought or leaked email lists from somewhere on the web). In the hope that some of their messages land in the inbox of your customers, the likelihood of this occurring is much smaller.
2 – Educate your customers.
Find the right language and tone to communicate the information in section 1 above with your audience. Educate your customers on the potential impact of falling for these scams to explain why they’re so dangerous. This needn’t be fear-mongering but simply a conscientious company keeping their customers aware.
Take extra effort to remind your customers to be ‘extra’ vigilant at times, particularly around Christmas when these scams are at their busiest. It’s a time where we all expect more marketing communications than usual due to the plethora of companies trying to convince us their product is present worthy. During these busy times it’s much easier to breeze through a scam message without the same due diligence we’d normally give. We’re more susceptible – which is exactly what the scammers are counting on. Simple things like taking those extra few seconds to notice a difference in an email address or spotting an unusual link in the body of the text can help stop the process before it begins.
3 – Provide a platform for your audience
Hopefully all of the above will help customers avoid becoming a victim should your brand be unlucky enough to be used as a front for phishing. However it’s a sad reality that some people will continue to be affected by these attacks. By providing the right platforms for your audience you can help reduce the number affected, and provide the correct support to those who’ve been taken advantage of.
A platform can be anything that’s used as a hub to focus customer attention. Some brands have even developed fraud hotlines to provide a direct channel to connect with anyone affected by (or suspicious of potential) phishing activity. Dedicated twitter handles for fraud alert are also becoming popular. By creating the right platforms you make it easier to share and receive information with your customers, this helps to build a trust and dialogue with customers who feel threatened and could make the difference between keeping or losing their business forever.
That’s all folks. Stay vigilant!