Whether it’s an email, a phone call or a solicitation through social media, scams abound and it’s up to all of us to be aware. While they take different forms using various platforms, most scams have a few things in common that can serve as tell-tale signs the communications are not legitimate.
Some of the common cons that have been in circulation for a while include phone scams, email phishing scams and schemes attempting to solicit money through fake charities.
As time goes on and the public gets wiser, con artists have had to become more creative. For instance, each year around tax time, scammers will send out emails purporting to come from a tax preparer, the IRS or an executive in your company asking for payroll data or other highly sensitive personal information.
Another scam that is gaining momentum is a phishing scheme where con artists will send out emails or promote fake websites claiming to sell last-minute tickets to popular events at steep discounts.
These criminals also are quick to capitalize on technology changes. One example is through the use of Gmail Confidential Email.
Google recently unveiled a new version of Gmail that includes Confidential Mode, which is supposed to provide more security by having the emails expire after a certain amount of time or requiring a separate passcode to access the email. However, this mode works by storing your email on Google servers in the cloud.
When both the sender and recipient use Gmail, the confidential mode email appears normal. But, recipients of Confidential Email who do not use Gmail will receive a link to access the email through an Internet browser. The user is prompted for a login username and password to determine whether or not they are the intended recipient.
However, a phisher can con people into revealing their login information by sending them a fake – but authentic-looking – link to an email supposedly sent by Confidential Email. Once the victim enters his or her email login information, the con artist can then wreak havoc with their victim’s information.
Scammers are also taking advantage of the new European data privacy regulation that went into effect May 25 called General Data Protection Regulation, or GDPR. Con artists will use this as bait by sending an email claiming you’re not compliant with the new regulations. As usual, do not click on any links or open attachments claiming any problem with GDPR. Simply delete them.
While these scams can sound more complicated using high tech language that is not familiar to most of us, at their core, con artists use the same tactics over and over again.
Remember, any communication is probably a criminal scheme if:
- It comes from an email name you do not recognize;
- The email contains misspellings or broken English in the address, subject line or in the body;
- The email was sent from a strange time of day, like the middle of the night;
- The communication prompts you to act immediately;
- The email asks for payment;
- The communication threatens criminal action;
- The email requests immediate action;
- Suspicious communication includes a link or attachment; and/or
- The communications requests personal information or credit card information.
The best principle to follow is if you are unsure, delete the email. If it appears to come from a colleague or someone you know, but it still contains the hallmark of a scam, call that person or send them a separate email asking if they did in fact send you information. As always, you can contact our office if you have any questions.
Sources: KnowBe4, ComputerWorld