Cyber security expert offers online safety tips after scammer targets his firm

Each day, online phishing scams are targeting individuals and businesses.

A phishing scam is when an email is sent out from someone pretending to be somebody else, to obtain sensitive information from the recipient.

Recently, Josh Gossett, a co-owner of the Bowling Green-based cybersecurity firm Coretech, learned someone had copied and pasted his e-signature into an email blast. The email did not originate from Coretech, nor did it come from Gossett’s actual email address. 

“Scam emails are perhaps the most common thing going around right now,” Gossett said.

In the email, recipients were advised to click on an attachment, when, if opened, personal information could be compromised.

Scammers are becoming more and more sophisticated, Gossett said.

“These things are socially engineered to trick us. They are specifically designed to look and move like things, places, people and entities we trust,” Gossett said. “They are meant to look very official and meant to look like Microsoft logins or Amazon accounts. That’s the dangerous element.”

At Coretech, Gossett teaches his clients multiple techniques so they don’t become victims of phishing scams.

“If you don’t recognize an email or it’s sender, don’t click it. You can almost assume people know that this day in age,” said Gossett. “You can also do simple things like changing your password. Security is not a convenience thing. I think people forget that sometimes. Being secure is a behavior, it’s not an event.”

Gossett added that it would be wise for computer users to invest in a password manager program. Gossett also advises clients to never click on any suspicious attachments or visit a link sent in an email.