Just because someone says you’ve won a small fortune, or inherited it, doesn’t mean it’s legitimate, writes Sarel Lamprecht, MD of Phishield, a provider of cyber insurance.
Have you been offered a part-time job via email, or had someone want to confirm an order and ask for you to click on a link? Or perhaps someone has told you that you’re an heir to a small fortune, or they have a business deal they want your help with or even – for the greedy – they need your help to smuggle mega bucks out of some or other war torn country.
Some of these emails are laughable and obviously scams, but many look like the real deal. The only reason they keep coming is because people keep clicking.
If the scammers only have a 1% success rate, that’s enough to keep them sending.
So here are a few tips and tricks, and red flags to keep yourself protected:
* Is the mail from someone you really don’t know?
* Is there a link in the mail, which is .html?
* Does the link direct you to a page that requires you to enter all your details, including email address and password?
* When you check the sender of the mail, did it come from some sort of a mailing list, or even your own email?
* Did the mail purport to be personal, but your address is in the blind carbon copy (BCC) line?
* Does the mail pretend to be from your bank, but when you mouse over the link it’s nothing at all like the address you usually type in?
Here’s what’s happening: Some scammer is trying to con you into handing over your log ins to a secure site, such as your bank’s – because we can’t all remember a gazzilion passwords, right? Or, the scammer could be trying to social engineer you – a process whereby they gain enough information on you to friend you on Facebook, which allows them to gather more information.
Do you have any idea how much can be found out once you have a name, surname and address? It’s scary how much information we have out there about ourselves.
So, how do you protect yourself? Some aspects are obvious, such as, if you haven’t filed a tax return, then you aren’t getting a refund. But, since most of us hope for that windfall, we may be tempted.
Here’s what to do:
* Don’t click the link, type in the address you always use;
* Keep your antivirus software up to date;
* If you are in the BCC line and not the TO line, it’s a scam that has gone to many, many others;
* If the link is .html and the body of the email indicates it’s a document, or PDF, don’t click – html is web script; and the scammers want your details.
* Check the links they want you to click on – does it end in something unusual like .cz or .co? Don’t even think about it.
* Don’t know the sender? Perhaps have IT have a look first.
* Protect yourself with cyber insurance in case of the worst case scenario