This morning I opened my e-mail to find yet another note from our IT department about a phishing e-mail. One thing that was different about this scam from previous ones is that it was addressed from a woman in our human resources department and even included her photo, which always accompanies her messages. In addition, the content of the e-mail almost seemed legit. It had an attachment titled dc_shared PDF. The body of the message stated, "Please find an important information listed on the attached docs share using via secure Microsoft-Datasheet." Yes, the wording seems a bit off, but too many, this e-mail probably looked authentic.
Fortunately, I didn't open the attachment. If I had, I was instructed to change my password to our server and contact IT immediately. Scary, right?
We all know these scams happen, but it seems these nefarious acts are on the rise. Just this year, Verizon, Saks Fifth Avenue and DocuSign all reported some type of data breach. In May, a new ransom virus attacked computers worldwide. Within four days after the cyberattack, more than 230,000 computers in some 150 countries had been infected by WannaCry ransomware. The virus, which targeted computers running the Microsoft Windows operating system, encrypted data and demanded Bitcoin payments to release the info. It was a huge loss for many people on so many levels.
There's no doubt computer hackers are getting smarter—and their actions can have serious consequences for your self-storage business and your tenants. A data breach can give them access to confidential information, wipe your hard drive or corrupt the data, or even spread the virus to others via your own computer. As we've seen over the past several years, everyone is vulnerable.
Fortunately, there are steps you can take to secure your business and customer data. First and foremost, if something seems off, it invites further scrutiny. The wording in the e-mail above isn't quite right. Sure, it could be someone who's typing quickly or who didn't re-read before sending. We've all sent strange e-mails and texts before. However, more than likely, it was a sign that something wasn't quite right.
Here's another example. Yesterday, an SST member received a sketchy phone call from a person supposedly in the ICU but who needed a storage unit. Sound fishy already? It gets better. The person then said because of the situation (ICU, remember), the individual would like to pay by credit card via phone and have the items to be stored "shipped." The astute operator declined the rental. This is just one scam storage operators have heard. Any time you hear, "I can't come to the facility to sign the lease because …" it's a red flag. Few operators these days will agree to a rental without a wet signature and a driver's license photo. Some even require two kinds of photo ID and credit card.
Beyond going with your gut, you should also put policies in place to prevent all kinds of breaches. This includes securing all paper rental agreements, never giving out or discussing sensitive information, and keeping passwords protected. Be sure all staff receive proper training on handling facility and customer data.
Your computer system should be protected with a quality anti-virus/anti-malware software. In addition, keep your software up-to-date. While it can be annoying to "update" every time you're prompted, staying current means you'll have the most effective program. This goes for your management software as well.
Finally, be wary of the Internet. While it seems like a no-brainer, be selective about which sites you view. An innocent-looking video about kittens playing could actually lead to trouble.
There will always be potential threats against your business, and they might even come from an unexpected place. Reduce the risk that your facility, employees or tenants become a victim of a phishing scam, cyberattack or other crime through vigilance. If something seems fishy, it just may be.
How do you keep your self-storage data safe? Add a comment below or on Self-Storage Talk, the industry's biggest online community.