Technology is great, and we love trying out new things. But that doesn’t mean that someone won’t abuse it. Email scams, often called phishing, commonly play upon your greatest hopes, such as a huge windfall, or your worst fears, such as being accused of missing a payment. So how do you sort through the trash to find the treasure? NCRA’s Realtime and Technology Resources Committee has some advice on how to make sure you don’t get scammed.
Robin Nodland, FAPR, RDR, CRR, of Portland, Ore., offers a three-step process to start:
- Read the email closely. Does it ring true? Usually there are spelling, grammar, and punctuation errors that will alert you that a con artist is at work and the email is not authentic. Court reporters and captioners are experts at this! Trust your gut reaction.
- If you have access to an IT professional, run it by them.
- Google it. Chances are you are not the first person to be hit up.
Nodland references Computer Hope’s article on how to tell if an email is a scam. Red flags can include incomplete and misspelled words, a call for immediate action, a request for personal information, using a username instead of your real name, or a deceptive link or email address (that is, the metadata does not match what you see).
Committee chair Lynette Mueller, FAPR, RDR, CRR, of Germantown, Tenn., pointed to a Wired article entitled “Phishing scams even fool tech nerds – here’s how to avoid them.” The March 13, 2017, article says one of the first things to consider is the sender’s email address for mistakes, such as a number 1 for a letter l and other such substitutions. Also, think about whether this email would be likely to come from such a person.
Don’t overlook the official source for information on your particular email program. Whatever email program you use regularly, consult the help section or visit the online website to find information about how to block specific senders, change your security settings, unsubscribe from mass emails, and otherwise keep up with the latest protections. The Federal Trade Commission also offers information on how to avoid phishing attacks. The website includes information on how to file a complaint and report phishing emails.
To help you get a better handle on what to look for before you are attacked, Mueller recommended three articles on phishing:
- Digital Guardian’s Jan. 15 article “Phishing attack prevention: how to identify & avoid phishing scams”
- CNET’s Sept. 15 article “How to spot a phishing email”
- Carbonite’s July 19 article “Five ways to detect a malicious ‘phishing’ email”
Tamara A. Jenkins, RMR, CRR, CRC, of Crystal River, Fla., suggested a few more resources to bring you up to date on the latest in scams:
- Lifewire’s Nov. 2 article “How to test a suspicious link without clicking it”
- #reportscam’s article “Top 10 worst scams 2017”
- Hoax-Slayer’s Jan. 22 article “Fake Microsoft support email links to survey scam”
If you’ve already accidentally clicked on a bad link, Mueller recommends “5 steps to take after clicking on a phishing link,” a July 20 article on AgingCare.com. This article also notes that spotting phishing messages can become harder and harder to identify as scam artists get sneakier about getting to you.