Escaping Scams #2 — Email is not always your friend

September 12, 2024

Chesa Keane, a new Associate member of Global Travelers, is a long-time consultant in many aspects of IT. As members of a virtual Rotary club, we are all, by definition, on-line to various degrees. And, like many things in life, being on-line comes with risk. Chesa has generously agreed to create a web series for our members with tips for helping us avoid becoming the victim of online scams. This is her second installment, focused on email scams.

I can bet you have received odd emails from friends that don’t seem to make sense. It’s their name, but not their email address. This is an indication that their computer or contacts list has been accessed and now the hacker has all the email addresses of the people in their Contacts and they are sending you an email to “touch base.” Why? To see if your email is still good so they can go to Step 2, whatever that nefarious activity might be. It is probably one of the scams listed below.

Or you might receive an email from a friend telling you that they are on trip and some tragedy has occurred – they were robbed or highjacked or they lost their passport and wallet – and they need help. Could you send them $1,000 (or whatever amount) to help them get home? Of course, since they are a friend, they will pay you back as soon as they get back. Except it’s not your friend and you’ll never see your money again. In fact, you probably gave them either credit card or banking information in order to send them the money they needed, and they will use it as often as possible before you can contact your bank.

Another twist might be an email with an attachment or suspicious link included in the email that seems so important you feel you must reply. This might take you to where they want you to provide your financial information, or it might be a virus that gets downloaded onto your computer or phone that will install a file that tracks your activity or even destroys your device.

Maybe you received an email with a receipt for a new iPhone or Dell Computer or some service for several hundred dollars. Don’t panic and call because they are looking for you to contact them for a different sale – perhaps help to stop this scam. They will tell you that they are going to cancel the sale and report it, but just to validate that it is you, could you provide your banking/credit card information. Sounds legit, right? These people are the best at sales and can convince you they are there to help. Do not respond.

The emails that really tug you into a response are those from what seems to be an authority figure such as a government agency. They demand a response within 48 hours or by a certain date and you feel obligated to respond and even threatened with consequences if you don’t respond. Again, look at the email address of the sender. If in doubt, go to the domain of the address directly. More than likely it doesn’t exist.

After all these years, you might think that the emails that found you among all the people on earth to be the lucky one to receive millions of dollars would have fallen by the wayside. No, they are still out there. Who would respond? Perhaps someone who is new to email. Yes, there are still new users coming online every day. They are the innocents who would love to see their bank account grow by leaps and bounds for no apparent reason. This kind of email, of course, is designed to get your banking information. After all, where would they deposit your money if you don’t give them a bank account in which to deposit. Once they have that information, your bank account is drained. Do NOT respond to this email.

There are many variations on email scams. The basic formula is to:

Pose as either a friend or person of authority for which you feel the need to respond
Create an urgency to respond by replying, clicking on a link or calling on the phone
Once the response has been made, swoop down on the unsuspecting responder with hard sales techniques for follow-on stages of their scam.

The scammers basically create the need for basic human interaction based on either greed or fear. Follow these some basic rules and you can foil those plans:

If it seems suspicious and you know you didn’t order a new iPhone, DO NOT RESPOND.
If you question whether the sender is real, check the email address. An email from a woman at Charles Swab notifying you that your asset transfer of $4,500 is complete would not have the address of [email protected].
If the email from someone you don’t know is asking you to click on a link, download a file, reply or call them to manage some urgent issue, don’t do it.
If the email from someone you do know is asking you to click on a link, download a file, reply or call them about something that doesn’t make a lot of sense, don’t do it. Pick up the phone and call them to be sure.
If you get an email from a friend that uses their name, but you know it is not their email address, call or email them (using the correct address) and tell them that their contacts have been hacked and they need to change their password immediately. They probably won’t, but at least you did your duty.
If it seems to be too good to be true, it is. DO NOT RESPOND
Unless you are absolutely certain that the email is legitimate, do not click on the links, download any attachments, or reply

Email has become such an important aspect of our communications with friends, family, businesses, events and life that we too often just do as the email asks. Do not be lazy about safety. The email trap that catches you can make your life miserable for a long, long time.

Looking for more? Read Chesa’s other informative articles: