Learn how to distinguish spam from legitimate emails, texts and social media messages, what to do about spam if you receive it and how to keep your phone—and its wealth of personal data—secure
WHAT IS SPAM?
The simplest definition of spam is unsolicited email, unsolicited text messages and software.
The legal definition of spam also encompasses:
• unauthorized alteration of transmission data
• the installation of computer programs without consent
• false or misleading electronic representations (including websites)
• the harvesting of addresses (collecting and/or using email or other electronic addresses without permission)
• the collection of personal information by accessing a computer system or electronic device illegally
Spam includes malware, spyware and false or misleading representations involving the use of any means of telecommunications, short message services (SMS), social networking, websites, URLs and other locators, applications, blogs, Voice over Internet Protocol (VoIP), and any other current or future Internet and wireless telecommunication threats prohibited by Canada’s anti-spam legislation.
Canada’s anti-spam legislation (CASL) protects consumers and businesses from the misuse of digital technology, including spam and other electronic threats.
https://fightspam.gc.ca
A lot of spam is sent by botnets, which makes it hard to track down the source. A botnet, in simple terms, is a network of infected computers, mobile phones and any device connected to the internet, that are controlled as a single entity by a malicious person. That means the person can have all the computers in the infected network carry out the same instructions at the same time...in this case, sending out spam messages. Because they are using other peoples devices, maybe even yours, to distribute the spam, it is VERY hard to trace back to catch the original perpetrator.
Spam: Nuisance or threat?
Spam can range from being a nuisance to a significant threat.
If you voluntarily give a retailer your email address (such as by placing an online order), they may have permission to send you email. However, commercial electronic messages from legitimate businesses may still contravene Canada’s anti-spam legislation (CASL) if they are sent without your express or implied consent, if the sender has not properly identified themselves and included contact information, or if there is no unsubscribe mechanism. Even though unsolicited texts, emails or other forms of commercial electronic messages sent by legitimate companies are more of a nuisance than a threat, they’re still spam if they contravene CASL.
Some spam may be connected to scams and other devious activities by illegitimate businesses or individuals. For example, spammers may find your email address through social networking sites, company websites or personal blogs. They can “phish” for your information by tricking you into following links or tempting you with offers and promotions that seem too good to be true. Spam can also contain malware, scams, fraud and privacy threats. This type of spam presents a more direct threat to your privacy and the security of your information.
Worried it’s spam? 8 things to look for
Spam has a number of typical hallmarks. It’s probably spam if:
• You’ve never done business with the organization that sent the email, and you didn’t provide them with your email address
• There is no unsubscribe option
-This is a violation of CASL even if sent by a legitimate company
• The sender doesn’t properly identify themselves or provide current contact information
• The message asks for sensitive information
-Banks and other legitimate companies will never email you to ask for personal or financial information
• It impersonates people or companies you know
-Spam can appear to be from someone familiar. If the message contains some of the other warning signs on this list, be cautious
• It contains spelling and grammar mistakes
-Legitimate businesses usually take the time to get it right
• It uses scare tactics
-Spam often uses language designed to spark fear. For example, if a message says your account will be deleted if you don’t respond, it’s probably spam
• It asks for money in advance
-Such a request could seem to be coming from a friend in an emergency. Don’t respond to requests for money until you’ve checked with the sender personally
• It seems too good to be true
- If the email offers prizes or money, or says you won a trip, beware. Don’t supply personal information or click buttons within the email to claim a prize
IF YOU THINK YOU’VE RECEIVED SPAM:
• DON’T respond to it
• DON’T open any attached files
• DON’T click any buttons to open web pages
• DO report it to help the Government of Canada hold spammers accountable
https://fightspam.gc.ca
WHAT NOT TO DO WITH SPAM TEXTS
Here are two words you should never use for text spam.
Have you ever replied to a text message with STOP or UNSUBSCRIBE?
For a legitimate business, those words will tell them you want to stop receiving the texts.
If it is an unmistakable spam message, never respond with those words. Spammers are hitting up thousands of people in search of working contact information. When you interact, you’re saying, “Yes, this phone number belongs to someone!” That’s great news for them. It lets them know you’re a real person they should target more often. You think you’re putting an end to the noise, but you’ll just make it worse.
REPORT THE SPAM MESSAGE
• Forward the spam message to the short code 7726 (SPAM) so that an investigation can be started by your cell phone provider. If you receive a number of spam texts, it is recommended to put 7726 into your contact list so that you don’t need to remember the numbers
• Reporting Spam to 7726 is free and messages don’t count toward your data or messaging usage package
The forwarding methods will vary, depending on your phone. Here are some examples:
• iPhone:
Touch and hold the message
Select More – Select the message you want to forward, then select the Arrow in the bottom right corner
Enter 7726
Select Send
Apple also has instructions on their website on how to block numbers, filter messages from unknown senders, and report iMessages that look like spam
• Android and Windows:
Press the message (being careful not to activate a link)
Choose Forward (from the menu)
Forward to 7726
• BlackBerry:
Open the message
Using the Menu key select Forward
Forward to 7726
How to Protect Your Privacy on Your Mobile Devices
These days, smartphones are a one-stop payment, personal health, work, gaming, productivity, texting, tweeting, Facebook-checking machine. We use them to do just about everything, from mobile banking to navigating new places, to emailing out last minute notes on a project.
But whether it’s hacked browsers, petty thieves at the coffee shop, or your own tendency to lose electronics in cabs (hey, it happens to the best of us), using your smartphone as a centralized source for all of your information comes with big risks, and the more you’ve connected and stored, the more you stand to lose. In fact, in the last year alone, at least 7.1 million phones were lost or stolen
That’s bad news, not only for individuals but for countless businesses as well, particularly if they have BYOD policies, because each individual phone and carrier really varies in their level of security.
It’s no wonder, then, that so many individuals and businesses are starting to take mobile security seriously. Let’s take a look at few steps you can take to keep your phone—and its wealth of personal data—secure.
1. USE A PASSCODE
This may sound obvious, but according to a Consumer Reports survey, 64% of us don’t use our passcodes.
When you set up your passcode, use the same security measures you would on any other device, such as not using your birthday or social security number for your passcode, and definitely not “1234.” Never share your passcode with anyone, even if they ask nicely or give you sad, puppy eyes. Don’t reuse passwords from other sites or devices.
2. Be Selective With Your Apps
That new app might look great, but with so many unknown third party providers out there, it can be difficult to know how private and secure it may be. For that reason, it’s best to go through a trusted app store like iTunes, Android Market or Amazon, and to thoroughly check reviews before downloading any app and entering your personal information.
3. Don’t Click on Suspicious Links
Maybe it’s those tiny, almost indecipherable screens, maybe it’s a false sense of security, but for some reason, people are three times more likely to click on suspicious links on their cell phone than on a PC. Our best advice for that? Don’t do it. Look more carefully at the URL, especially if they’re asking you to enter personal information. Most banks have a page explaining what they will and will not ask for. Do your research before divulging your personal details.
4. Enable Remote Wiping
Should your phone ever be lost or stolen, it would be great to erase your important data from afar. You can do this through remote wiping, and it’s relatively easy to do on most devices. An iPhone, for example, simply requires you to do enable “Find My Phone” on the device and to sign up for an iCloud account, which will be your command central when it’s time to wipe.
There are some concerns about corporations using location tracking software like this to infringe upon personal privacy rights. Look up the company’s policy, and make sure it’s something you’re comfortable with, before getting it all set up.
5. Keep Software Up to Date
Software updates often patch security and privacy holes users have found as they’ve tested the software out in the real world. Keeping your software up to date will mean you’ll have the very latest solutions. That said, sometimes it makes sense to wait a week, or two, before installing the latest versions to see if there are any problems with rollouts.
6. Use Security Applications
Both Spyware and Malware are becoming an increasingly formidable problem for mobile phone users and users often don’t know they’re running. To combat this, install security software, just like you might have on your computer, to protect your privacy against any unbeknownst mischief. Make sure that you keep this software up to date.
7. Stay Off of Open Wi-Fi Networks
Since smartphones are now acting like mini-PCs, avoid unknown open Wi-Fi networks, just like you would on your PC. As you type, malicious hotspots can transmit your credit card information and passwords without you even knowing it.
8. Write Down Your IMEI
Every phone has a fifteen digits serial number called an IMEI (International Mobile Equipment Identity), which can come in handy if your phone is ever lost or stolen. You’ll find it behind your phone’s battery or in the settings. It’s well worth writing down, as it can speed the process of getting the phone back to you.
9. Back Up Your Phone Regularly
Backing up your phone means you’ll always have access to all of your photos, music, apps and whatever else. This is of course important in case your phone gets lost or stolen, but it can also come in handy when you’re doing an OS update and experience a loss of data (it happens). Make sure to backup at least once a day for the best results, or consider using automatic syncing with a cloud program.
10. Guard the Data on Your Sim Card
If you decide to sell your cell phone, there are a number of things you should do before shipping it off to a stranger. One of the most important is to remove both your SIM and your SD card, both of which contain a wealth of data. Do this when sending your phone in for repairs, as well, particularly if you don’t know your repair shop well.
The Takeaway
There are many security risks for smartphone users today, and these risks will continue to grow along with the devices’ popularity. Protect your phone, your data, and yourself by implementing just a few simple measures.
Learn More About Cyber Liability Insurance
Cyber exposures aren’t going away and, in fact, continue to escalate. Businesses need to be prepared in the event that a cyber attack strikes. To learn more about cyber liability insurance, contact us today.
The information within this document is to be used as a guide only, and does not cover every way you can and should protect your company.