Jane's Story

Background:

Jane, a small business owner and Etsy user, fell victim to a phishing scam that targeted her through an email that appeared to be from Etsy customer support. The email included a different order confirmation, one of high ticket cost, and instructed Jane to call a customer support phone number if she had any questions or concerns about the order. Jane, thinking that something had gone wrong with her order, called the number and spoke to someone who claimed to be from Etsy customer support. This person convinced Jane to give them access to her computer through screen connect, which allowed the scammer to gain access to Jane's sensitive information, including her login credentials for her online payment accounts.

The Scam:

The scammer was able to convince Jane to create a Venmo account and open a Cash App account, which the scammer used to transfer money out of Jane's accounts. By the time Jane realized what was happening and called her Managed Service Provider, Applied Integration, the scammer had already had access to her accounts for 2 days.

Response:

Applied Integration quickly responded to Jane's call and began working with her to secure her accounts and data. They helped Jane change her passwords and freeze her bank accounts, which prevented the scammer from accessing any additional funds. Applied Integration also worked with Jane to install additional security measures on her computer and accounts to prevent similar incidents from happening in the future.

Lessons Learned:

Jane's experience highlights the importance of being cautious when receiving unexpected emails or phone calls from unknown sources, even if they appear to be legitimate. It is crucial to verify the authenticity of the email or phone call before taking any action. In this case, Jane could have contacted Etsy directly through their website or a known customer support phone number to confirm the legitimacy of the email she received.

Additionally, it is essential to always be cautious when asked to provide sensitive information or access to your computer. Jane should have been wary of the scammer's request for access to her computer and should not have provided access without confirming their identity first. Furthermore, it is recommended to have multi-factor authentication enabled on all online accounts to add an extra layer of security.

Conclusion:

Falling victim to a phishing scam can be a stressful and costly experience for individuals and businesses alike. However, by being vigilant and taking proactive measures to secure accounts and data, like working with an MSP like Applied Integration, it is possible to recover from the attack and prevent similar incidents from happening in the future.