Hardwood Floors October/November 2017

SPOOFING Spoo ng is funny when it’s a parody of a scary movie, but email spoo ng is scarier than any Halloween movie I’ve seen. Spoo ng has two unique characteristics. One, a cyber criminal impersonates another organization or individual via email. Like phishing, these emails look legitimate, and can even use names of employees on sta at said company – including our own. Two, the goal of spoo ng is to have us open an a achment or visit a website given in the email. By doing this, we are delivering a virus to our device and possibly our entire computer network. Spoo ng is the most common way ransomware a acks are being distributed. Ransomware: Malicious so ware preventing access to systems and les until a ransom is paid. What follows is an actual real-life example of a spoo ng email. It looks legitimate and could fool most of us into clicking the link, which is masking a destination URL containing malicious code. ALL TOGETHER NOW Although separate concepts, spam, phishing, and spoo ng can be used together. Criminals use spam to get us to open the emails, phishing to extract information, and spoo ng to deliver malicious so ware. Even though spam lters and anti-virus so ware exist, they simply cannot keep up with the minds of criminals, so we have to be proactive, controlling what we can control – our own behavior. HERE ARE 10 THINGS YOU CAN DO TO STAY SAFE: 1. Never provide personal or secure info via email. 2. If you don’t know the sender, don’t click, open attachments, or even respond. 3. Do not click on link-only emails, even if the sender is someone you know. 4. Even when you know the sender, if you aren’t expecting attachments from him or her, ask before opening any attachments. It’s possible systems have been compromised. This is an automated email sent from our SSL servers to inform you that there is an error in your email configuration. This error was identified on: 2017/06/07 and we have not been able to deliver 8 contact email messages from this date. To retrieve your emails and reconfigure Port 486, click here to reconfigure or click the button below. Warning: Failure to do this will lead to total suspension of your email account. From: Mail Administrator To: joe.smith@prohardwoodinstallers.com Subject: An error in your SMTP/POP settings is blocking your incoming emails

5. Hover over links in emails to see the actual URL before clicking. 6. Avoid opening emails from unknown senders, especially if there are spelling errors in the subject line. 7. Does the message seem too good to be true? It likely is. You did not inherit cash from an Ethiopian prince. 8. Make sure the software on your system is up-to-date, especially anti-virus software. 9. Use smart and secure passwords unique to each login you have. 10. When in doubt, check it out. Follow your instincts. It’s not worth it to assume a link or attachment is safe if it’s not. In addition, fcc.gov/cyberplanner and staysafeonline.org are two helpful websites with some great resources that address the risks to consumers and businesses regarding identity the , data breach, and cyber a acks. Jodi O’Toole is Director of IT and Web Development at the National Wood Flooring Association in St. Louis. She can be reached at jodi.otoole@nwfa.org.

the magazine of the national wood flooring association

39