Scams got a big boost during the pandemic and I've been hearing about more well-meaning people (even very tech-savvy ones) getting caught up.
To do my part to help, here are some tips so you and your loved ones can stay safe.
I’d also like to ask for your help: Please forward this blog to anyone you know who could use a refresher on the latest scams.
You might think your friends, family, and elders would be too smart to get caught, but the wider we spread awareness of the latest info, the better. Saving even one person would be worth it.
The goal of scams is to steal your money, steal your accounts, or steal your identity.
Here’s what you need to know:
Phishing emails and texts mimic legitimate communications to trick you into giving up account logins, credit card or bank details, or other sensitive data so scammers can use or sell them.
What do they look like? Scammers send you an email or text message asking you to verify your account or payment info, track a package, or unfreeze your account. Inside is a link to a (very convincing) fake website that steals your info.
Scammers might also send you a file attachment or document link to get you to click and install malware on your computer or phone.
Here’s how to avoid getting scammed:
- Remember that legitimate institutions will never ask for sensitive information (like usernames, passwords, SSN, or bank details) by email or SMS.
- Always be suspicious if a message contains odd phrasing, grammatical mistakes, or typos.
- Check the “from” information carefully to make sure messages are from a legitimate domain name or number that is actually associated with the company (e.g. [email protected] and not [email protected]). Not sure? Call the company’s public phone number and check.
- Don't click on links or open attachments unless you fully recognize and trust the sender and are expecting the message. You can hover over a link to view the URL and make sure it’s sending you to a legitimate site.
- And if it looks real... stay suspicious and call the company that sent the email and confirm it is from them.
Here’s a phishing email in action. Can you identify the red flags? (Answers in the P.S.)
How many did you see? Did you catch the fake number at the bottom? Sneaky!
Spoofing calls are another scam that's on the rise. Scammers “spoof” the info on your caller ID to make it look like they're calling from a legitimate organization.
What do they look like? Scammers may claim to be from your bank, the IRS, the Social Security Administration, or other organizations to trick you into sending money or giving up sensitive information.
They may claim you owe money or threaten you with the police if you don't take action right away.
In other cases, they will impersonate a financial institution, claim your account is locked, and attempt to gain your account credentials to “unlock” it.
They might even call about an unexpected refund or windfall that you can only receive right now by handing over your personal information.
How to avoid getting scammed:
- Be suspicious of calls from the IRS, SSA, or any financial institution. If you receive one, ask for a case or employee ID, hang up, and call them back on the official number on their website.
- Never confirm information over the phone unless you have personally called the official number or are expecting a call.
- Hang up immediately if the caller threatens you or pressures you to resolve an issue over the phone right now.
Want to report a scammer who targeted you? The FTC collects reports here.
Folks, stay safe out there.
Scams work by taking advantage of fear, greed, and the desire to do the right thing. If something seems “off” or “too good to be true,” take a break.
Never be afraid to contact a company through its official phone number or website to ask for clarification about a message or call. Better safe than sorry.
P.S. How many red flags did you spot in the phishing email?
- The sender info shows the email did not come from Netflix's domain.
- The email client (Gmail in this case) flagged this email as suspicious.
- No salutation. Typically, an official email will include some portion of your name.
- Weird syntax.
- That's not an official Netflix phone number.