If you follow the news at all, you know that phishing attacks, cyber breaches and ransomware are everywhere. It’s practically an epidemic. But, not all victims are created equal.
It’s one thing if a bank or a big corporation or even a government entity gets hit with a cyber-attack. They either have, or can find the resources to recover from such an event. Many even have some form of insurance to bail them out. But lately, hackers have pulled out all the stops and have started targeting some of the most vulnerable in society.
First comes news of a phishing attack in Fredericksburg, Virginia in which attackers stole money earmarked for new turf on the high school’s football field. According to Athletic Business, “The Fredericksburg Free Lance-Star reports that a scammer sent school officials a phony invoice for the installation of the field, part of a $1.2 million overall investment for the project. The school wound up wiring money to the fraudster instead of to the company that had actually performed the installation. Officials reportedly notified authorities immediately after learning they’d been had.” That’s cold.
If hitting high school kids isn’t bad enough, there’s now a report of a phishing scam targeting recipients of SNAP and TANF. If you’re not familiar with those terms, SNAP is the Supplemental Nutritional Assistance Program, otherwise known as food stamps. “SNAP provides nutrition benefits to supplement the food budget of needy families so they can purchase healthy food and move towards self-sufficiency.”
TANF is Temporary Assistance for Needy Families, otherwise known as welfare. “The Temporary Assistance for Needy Families (TANF) program is designed to help needy families achieve self-sufficiency.”
That’s right. Hackers are now targeting the poorest people in society. The ones who can barely get by. Those who need help from the government for food and shelter. And to make matters worse, “It has been reported these scams may include threatening people with an arrest.” Really?
Here at DuoCircle, we normally recommend organizations invest in our anti-phishing software. It’s inexpensive, easy to install and includes real-time link click protection. But in these cases, these vulnerable populations are in no position to use technology to protect themselves.
In these circumstances, the best we can do is to educate these vulnerable people how to identify a phishing scam. It’s not as good as using technology to protect the inbox, but it will have to do.