Scammers and other “bad actors” are finding more unique approaches to gather sensitive data from potential victims. We see this from time to time ourselves and think there’s no better time to share what we’ve learned.
Here are a few general rules:
- Filter spam
- Don’t trust unsolicited email
- Be cautious with email attachments from senders you don’t recognize
- Avoid clicking links in messages
- Install antivirus software and keep it up to date
- Install a personal firewall and keep it up to date
- Configure security features in your email account
The FTC (Federal Trade Commission) made a list years ago of some common fraud schemes, which still appear to be recycled to this day.
- bogus business opportunities
- chain letters
- work-at-home schemes
- health and diet scams
- easy money
- “free” goods
- investment opportunities
- bulk email schemes
- cable descrambler kits
- “guaranteed” loans or credit
We also see quite a bit of phishing emails, which are those that are crafted to look as if they’ve been sent from a legitimate organization. For example, a company you regularly work with may alert you that there’s a problem with your account. There’s a link included that may look real, but if you were to uncode that link, it would look completely different. See example below:
visible link: http://www.company.com/accounts/
actual link to bogus site: http://it.co.ar/data/company/index.html
Other things to look out for:
- Bad grammar or misspelled words
- Generic/ Unfamiliar greetings
- Demands for urgent action
- Inconsistencies with the email address, links, or domain names
- Requests for Login Credentials, Payment info, or other sensitive data
If you suspect you may have been scammed, check out IdentityTheft.gov. They have steps here that you can take based on the information you’ve lost.
If you think you clicked on a bad link or attachment, update your computer’s security software. Then, run a security scan to check for vulnerabilities. Here are a few free ones that are very helpful: