If it hasn’t happened already, sometime soon, you are likely to receive an email from your pastor, a teacher or friend, the bishop, or maybe even from yourself, asking for a favor. Of course, it won’t actually be from one of those individuals, but it may look legitimate at first glance.
Just as the holiday season generates scores of emails with Black Friday and Cyber Monday deals followed by Giving Tuesday requests, it is also the time of year when fraudsters escalate their attempts to take advantage of the generous and trusting. Thankfully, many of these attempts have relatively obvious ‘tells.’
When reviewing your email, use extra caution when encountering the following.
- The email address or the domain is unfamiliar. While a growing number of attempts are using sophisticated means to ‘spoof‘ email addresses (making it look like it is from a trusted address even though it isn’t), more often, fraudsters use easy-to-create accounts on platforms like Gmail that look like they may be from the sender. Try calling the contact or their office directly (with a trusted number) to verify the email if something seems off, and if they confirm they did not send it, report it to your email provider.
- The email has poor grammar or spelling or uses unconventional phrases or greetings. While there are plenty of fraudsters operating in the U.S., many operate from countries abroad with lax regulations on such behavior. Thankfully, this is often evidenced in their spelling, grammar and misuse of common phrases. Still, while this can be a sign the message is fraudulent, it can also be a sign that your circle of contacts includes people for whom English is a second language. Be cautious but try not to assume based on this one thing.
- The email asks for an immediate reply or action. Even if the first email doesn’t make the pitch for gift cards or access to other sensitive information, they are often eager to get you to act before you think too hard. Whether it is a fraudster or a legitimate request for support, you should always think carefully about what you support and where you share sensitive information. Look carefully at such requests and use trusted contact information (do not directly reply) to verify the request.
- The email asks for login credentials or other sensitive information. Be wary of messages that may look like password reset requests unless you initiated that request from a trusted website. It is easy enough to create a fake login page with a domain similar to the one you regularly use. Phishing attempts like these can help a fraudster to extract your account credentials or other sensitive information.
- The email has unexpected or unfamiliar attachments. Never open attachments unless you are confident in the email source. In particular, avoid opening files with extensions (.zip, .exe, .jar, .scr, etc.) as they are easy vehicles for malware. If you don’t have malware-blocking software, consider purchasing it.
- The email contains a deal or an offer that is too good (or bad) to be true. We all want to believe in miracles and win the lottery, but we know such things are few and far between. The better the deal or offer, the more likely it is a scam. Similarly, if you receive a message purporting to be from a contact who needs immediate help due to some calamity, use similar caution. Ask yourself, would you really be the person they would reach out to and would they do so by urgent email?
Your best defense against fraudulent email is a healthy amount of skepticism. Please avail yourself of the information above and permit yourself to be less trusting in this one area of your life.
Finally, none of us are perfect in our ability to spot fraud. If you haven’t done so already, consider using extra security tools like two-factor authentication (2FA) to provide an additional security layer in case someone catches you off guard. 2FA often uses your cell phone or another means of authentication to ensure you are who you say you are.
May your holiday be blessed and free of internet thievery!
[…] a request, so they may have to look for other signs. We collected some things to look for in a previous post on this topic. Let your people know that you would prefer they err on the side of […]