As dealership data increasingly goes digital, so too do the criminals who are looking to steal your customers’ valuable information. By falling victim to a data breach, dealerships can suffer damages in the form of fines, a diminished reputation, and lost profits from those customers who take their business to a dealership they perceive to be more secure.
The good news is, while spotting cybercrimes can be difficult, the most common types break down into three broad categories, and there are tried and true methods for combating each to make your dealership as secure as it can be.
These are the big three of cybercrime:
Ransomware
In a ransomware attack, malicious software will encrypt a system’s files, and the system owner will be asked to pay a fee in order to get back access to the files. Between having data held hostage and sustaining reputation damage, ransomware isn’t something any retailer wants to experience.
Ransomware can be introduced through malicious links or downloads through email or online, but how do you know it when you see it? In short, you know you’ve been hit when a message appears on the system screen saying your files have been encrypted. The message will typically demand a certain amount of money (usually bitcoin) in exchange for the decryption key.
As for combating this type of cybercrime, there are three steps you can take to potentially prevent a ransomware attack. The first is to back up your data and keep those backups separate from the host server. If your backup is connected to the server when it’s compromised, then your backups will be held hostage as well.
The second step is to train your employees. Make sure they know to verify emails and how to check for and identify suspicious websites. Finally, install a robust firewall and antivirus software that can detect and prevent malware.
Hacking
Hacking constitutes any unauthorized intrusion into a computer or network. Hackers typically operate by either cracking passwords, checking computer networks for weaknesses and then breaking through, or using viruses to extract server information.
There are numerous signs of potential hacking, but one of the most common is a fake antivirus pop-up message in your internet browser. The message will say you need to download virus protection and either it will lead you to a seemingly trustworthy website, prompting you to download malware, or it will make use of weak areas in your software and break in outright. A clue you have been infected is when your internet search is redirected. Hackers get paid off of the internet traffic you unwillingly provide. Other signs include:
- Frequent, random pop-ups
- Online passwords not working
- Stolen money from online accounts
To prevent unwanted break-ins, avoid clicking on links in pop-ups and be wary when entering payment or personal information. Also, make sure your computer’s protection is up to date and comprehensive. Hackers can easily find cracks in your system’s defense.
Phishing
Phishing is when cybercriminals pose as legitimate people or institutions in an email, phone call, or text message in order to obtain sensitive information.
Phishers don’t want to give their victims any time to process the situation, so they make everything sound urgent. They may even present a fake scenario (for example, the message might say you have a bill past due).
On the flip side, a possible sign of phishing is a scenario that’s simply too good to be true. If you’re told you won a prize in a competition you never entered, chances are it’s a phisher trying to get your information. These offers can come from fake companies, strange emails, or texts and calls from unrecognizable numbers.
What if the email address appears legitimate? Are there other ways to identify a phishing email? Sometimes cybercriminals will replace a letter “L” with the number “1” to make things appear legitimate at first glance. If there is a hyperlink in an email, hover (don’t click) your mouse over the hyperlink. Don’t click on the link if you don’t recognize the URL address or it doesn’t look legitimate.
If you do find yourself on the receiving end of a phishing attempt, don’t provide any personal information and don’t text back. Hang up the phone or report the email. Never provide your sensitive information to callers, even if they seem legitimate. Any credible business will be able to prove their legitimacy to you.
Conclusion
Whether it’s the employees who depend on you for their livelihood or the customers whose data you’re entrusted with, there are many people who count on you to take your dealership’s security seriously.
That means taking the steps listed above and incorporating them into dealership policy and best practices, as well as investing in comprehensive cybersecurity measures that work to protect your dealership from cybercrime 24/7.
The big three of cybercrime represent a constant threat to the well-being of your dealership and the customers you serve, but by taking a proactive and knowledge-grounded approach to data security, you can turn the tide today.