Something Smells Phishy…

Something Smells Phishy…

It’s a fact – businesses and auto dealerships with an online presence are often the target of hackers and phishing scams. According to Wikileaks, it is estimated that in 2015, 707 million records were exposed as a result of data breaches. In the online world, over 2,100 websites had their databases breached, containing over 2 billion user entries in total.

An attack may direct a user to enter personal information into a website that may appear familiar and legitimate, but is indeed fake.

Phishing is typically carried out via email or instant messenger. An attack may direct a user to enter personal information into a website that may appear familiar and legitimate, but is indeed fake. In other cases, emails or IMs contain links with malware which will infect and compromise your new or used car dealership’s computers, networks, and and/or mobile devices. Phishing scams at an automotive dealership might result in the introduction of ransomware, a software that locks down your data until you pay a ransom within a window of time. Ransomware is introduced to the computer (and then the network) by clicking a link or opening an attachment in an email. The user doesn’t have to enter any credentials in this case.

There are a number of tactics you can employ to protect your dealership.

1) Daily Back-ups
This is likely the single most important step you need to undertake. Back up your DMS data every day and store it offsite. If you are attacked, you will have a reasonably current set of data at your disposal. This step is critical — not only as a hedge against cyber attacks – especially ransomware — but also fire, natural disaster or other calamities.

Dominion’s ACCESS Air™ DMS is accessible anytime, anywhere. Learn More!

2) Education
Train your staff to recognize phishing emails and IMs. Encourage your staff to report any scams to your IT department so that they can evaluate any data breaches. Education is only useful if you repeat it. Include information about how to identify attacks in your onboarding training and consider offering employees a refresher on a regular basis.

3) Security Software
Most browsers and email clients offer some level of protection. However, you may wish to install a security software. There are numerous vendors that you can research to identify which is compatible for your hardware and software. Once you install it, remember to schedule updates on a regular basis to ensure you are adequately protecting your computers.

4) Secure Network
Protect your local network with a password which is offered only to employees. Set up a separate network for guests to your dealership and protect that network with a password as well.

5) Emergency Response Plan
Your basic first steps if under attack should be:

  • Shut down the machine that appears to be under attack.
  • Remove that machine from the network immediately.
  • Identify if the network is compromised, and shut down anything (like a server) that is shared among the PCs.

If your computers are affected and customer data is exposed, make sure you have a plan to shut down access, identify what data was compromised, and who needs to be informed. Individuals should be alerted to access to their personal data so that they can change passwords, account numbers, etc.

In summary, phishing scams and hackers are a part of our digital environment. Just as we offer safeguards and protections with locks and alarm systems, we must train our teams to be vigilant to online dangers as well. A few steps, dutifully followed, can help your dealership avoid most dangerous cyber attacks.

Looking for a new, secure DMS? Call 877.421.1040 to learn about Dominion’s ACCESS Air TM .

Dealer Management System (DMS),
Automotive Best Practices, Dealership Technology, Phishing,

Ready to get started?