Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
×
Erik Nachbahr, CISSP

Erik Nachbahr, CISSP President

Exclusive Blog Posts

Is the Service Department Keeping Customer Data Secure?

Is the Service Department Keeping Customer Data Secure?

A quick visit to the dealership for an oil change isn’t exactly the riskiest behavior someone can engage in. The routine procedure should do noth…

Evolution of a Dealership's Fixed Operations with Dave Foy | KPI Cafe Season 6 Episode 1

Evolution of a Dealership's Fixed Operations with Dave Foy | KPI Cafe Season 6 Episode 1

To kick off our newest season that's all about your dealership's fixed operations, Host Dane Saville is joined by the Fixed Ops Mastermind Dave Foy…

WEBINAR RECORDING - Five Ways to Grow Your Profits in the Second Half of 2020

WEBINAR RECORDING - Five Ways to Grow Your Profits in the Second Half of 2020

Discover strategies to identify and capture additional profit on every car deal. After months of uncertainty, we are seeing dealerships open their do…

Rock’s Rants: Purchase Orders

Rock’s Rants: Purchase Orders

Does your dealership have a purchase order (PO) system? Often when I ask this question in dealerships the answer is, “Sort of.” When I dig deep…

Even Loyal Dealership Service Customers Buy Tires Elsewhere

Even Loyal Dealership Service Customers Buy Tires Elsewhere

It’s widely known that dealerships still have a lot of ground to make up when it comes to selling tires. According to Modern Tire Dealer, auto dealer…

Cybercrime Rises During COVID-19 Pandemic

As if COVID-19 and the shutting down of our economy aren’t enough to worry about, dealership owners need to be aware that cybercriminals are using this crisis to fuel an enormous rise in cyberattacks.

Preying on fears is a specialty of cyberthieves, who are now sending phishing emails with subject lines related to COVID-19. Some of these fake emails appear to be from health organizations such as the CDC offering information and health advice. 

Other phishing emails appear to be from charities, asking for donations to help fight COVID-19. Also look out for emails that appear to be coming from the government, asking you to verify personal information in order to claim your stimulus check.

Some emails contain malicious attachments that if downloaded, could infect your network with a virus or malware such as ransomware. Other emails contain links to fraudulent websites that try to trick users into entering their personal information. Most of these emails use fake landing pages like Gmail or Office 365 and ask people to enter their username and password.

Be especially wary of social media postings that contain links, which might lead to fraudulent fundraising or charity websites. Some scammers are using texts and phone calls to appeal for donations as well.

Even if your dealership has a secure firewall and anti-virus software, a number of phishing emails will inevitably get through to your employees. If they don't know how to identify these emails, your dealership is vulnerable to an attack that could result in serious consequences. In simulated phishing attacks that Helion has conducted, three to seven percent of dealership employees routinely give up their credentials when prompted.

If you haven’t been proactive about cybersecurity in your dealership, now is a great time. Start by educating your employees about the increased threats, and train them how to spot phishing emails.

Recommendations include:

—Avoid clicking on links in unsolicited emails and be wary of email attachments.

—Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.

—Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.

—Verify a charity’s authenticity before making donations, and go directly to the charity’s website to make the donation.

—If your employees are working from home and accessing your network through a virtual private network (VPN), ask them to stay vigilant for malicious emails with subject lines related to remote access or other technical problems. The goal of these emails is to fool workers into entering their login credentials.

—Enroll employees in a security awareness training program. These programs send simulated phishing attacks to your employees. If an employee clicks on the link, they are enrolled into an online training program that uses videos, games and other training materials to educate the employee. Security awareness training is very inexpensive and over the course of a year, is proven to reduce the risk of phishing attacks from 27 percent to two percent.

You probably have enough to worry about without the added worry of a cyberattack that might result in a ransomware incident or successful data breach. But cyberthieves, like politicians, never let a good crisis go to waste. Now is the ideal time to shore up your dealership’s cybersecurity defenses and train employees how to avoid getting hooked by phishing emails.

 Unlock all of the community & features  Join Now