GTM Payroll Services is aware of ransomware and other types of cybersecurity threats, like the recent Log4j computer vulnerability, and has implemented measures to safeguard our clients’ data.
There are effective steps for you and your employee to help prevent hackers, scammers, and other cybercriminals from compromising your computers and mobile devices, stealing information, and harming your family or worker.
Here are a few of our tips for keeping your data secure:
- Understand cyber attacks, recognize potential security threats, and create strong passwords.
- Change passwords often, and be sure they include multiple letters, numbers, and symbols. Phrases or long acronyms are especially hard to ascertain or break.
- Never respond to pop-ups or unsolicited phone calls asking you to provide personal information or to submit or re-submit your login and password information.
- Scammers may also pose as a company you may do business with to steal information. If you receive a request to email any sensitive information, do not respond to it.
- Never, ever email sensitive employee information such as W-2s, benefit enrollment forms, or anything with social security or credit card numbers. Email databases and accounts are inherently insecure, and if malicious parties get access they can often see or get everything.
For our valued clients, you can share personal or sensitive information with our client support team over the phone and upload tax documents through our secure online portal.
GTM client support representatives will always verify the identity of whom they are speaking or chatting with. We will only provide information to those who are authorized contacts for your account. Authorized contacts can be added and removed by logging into your account and going to My Account > Authorized Contacts.
GTM Payroll Services also invests in threat protection measures and ongoing security enhancements to protect our clients’ data.
All staff undergoes regular security training to prevent unauthorized data access and maintain internal protections. We are compliant with the NY Department of Financial Services cyber security regulation (23 NYCRR 500).
Phishing attacks, a popular type of cyber attack, also continue to rise. Scammers are using email and text messages to trick you into giving them your personal information or installing malware on your computer.
We want you and your employee to be safe and avoid these scams. Here’s how to protect yourself.
Phishing attacks may look like an email or text from a company you know and trust. They may even use a company’s logo and other elements to make it look legitimate.
Among other tactics, phishing attempts may:
- Say there’s been suspicious activity or log-in attempts
- Claim there’s a problem with your account
- Ask you to confirm personal information
- Include a fake invoice
- Ask you to click on a link to make a payment
The goal of these phishing emails and texts is to trick you into clicking a malicious link or opening an attachment.
Even though phishing attacks are getting more and more sophisticated, there are signs that an email is a scam. Here are a few things to look for:
- Check the “from” email address. While the “from” name can easily be manipulated, the actual email address that is sending the message is harder to spoof.
- The email is from a Gmail, Yahoo, or similar free webmail account. While some small businesses may use a webmail account, most companies send emails through their own domain name.
- The email is not addressed to you but rather “Dear customer” or “Dear recipient.”
- The content of the email is suspicious. For example, the email is a warning that you have been locked out of your account for too many failed attempts but you have not tried to log in recently.
- Grammatical errors like misspelled words or odd use of capitalization.
- Hover over any links to see where it will take you if clicked. Do not trust any links that look suspicious.
- Unsolicited emails that contain file attachments are usually fake and may infect your computer with malware. Go to a company’s website to download any documents.
If any of these “red flags” are present, delete the email. When in doubt, call the company that supposedly sent the email. Do not use any numbers provided in the email as those could be fake. Visit the company website to find the right number to call.
GTM Payroll Services will never ask for your account number, password, credit card number, Social Security number, or any other personal, payroll, or tax information by email or text message. Our emails will also be sent from gtm.com and not a webmail account.
GTM clients can contact us at (800) 929-9213 or [email protected] with any questions about our data security measures.