TechKnow: Email Scams

-John P. Dunker-

Four years ago I wrote about why we receive emails that appear to be from people we know but are really not from them at all. If you see a suspicious email that looks like it’s from a friend, it doesn’t mean they’ve been hacked. This is called “spoofing” email addresses. The actual email address is not what appears in the email you receive. I also wrote that there is little, if anything, you can do to stop email addresses from being spoofed. All you can do is warn your friends to delete emails from you containing content that appears to be spam or information not normally sent by you.

Most of us know spam when we see it, but seeing a strange email from a friend or even from ourselves in our inbox is pretty disconcerting. Scammers send these emails all the time. It’s not hard for a savvy geek type to collect addresses. Some methods they use are too complicated to describe here, but rest assured they are doing it to all of us.

Scammers have been harvesting email addresses to spoof for a long time. For years, they have collected contact lists from malware-infected PCs. Today’s data thieves go even further by choosing their targets carefully. They use “phishing” email messages that are spoofed to look like they came from not just friends but also other trustworthy sources.

If recipients of phishing emails bite by clicking on a link in the email and/or log in with their username and password, the scammers have hooked their prey. All sorts of bad things could happen after that, from malware infections to ID theft, ransomware to spyware, including all your contacts’ information as well. So how do we protect ourselves along with all those friends and relatives we worry about?

Here are a few tips to help all of us stay safe online:

  • Call or email a known contact if you receive a suspicious email from them. Do not use “reply” to contact them via the received email. Remember it probably didn’t really come from them in the first place. Your friends will let you know if it’s really from them or not, and they may want to warn others in their address books that such an email is floating around.
  • If it sounds too good to be true, it probably is. Remember this rule your parents probably taught you when training your loved ones to keep themselves safe online. Using a little common sense goes a long way. You probably aren’t going to suddenly win the Spanish National Lottery when you didn’t even know you had a ticket. These types of phishing emails are on the rise, and people are falling for them in hopes of getting extra cash.
  • Never, ever click a link to your bank or financial institution from an email. Using the link in an email to log in could create financial disaster for you and your family. Call the institution, or go to your web browser directly to log in via their website if you feel the email might be legitimate.
  • Do not buy anything from an email you didn’t ask for. The easiest way scammers get you is by dumping spam in your inbox for everything from cheap watches to fake male-enhancement products. The easiest and simplest rule is to never buy anything from an email at all. Sure, you could probably make an exception for email newsletters from sites you trust, like Amazon. But remember it’s relatively easy for scammers to pretend they’re Amazon, just like it’s easy for them to pretend they’re your bank. Just make sure you aren’t buying, or even clicking on, anything from an unsolicited email. (You can always go straight to Amazon and search for the product they’re advertising.)
  • Beware of crooks posing as Microsoft support techs. There has been huge surge in email and websites scammers wanting remote access to victims’ PCs, Recently, I had a client call to tell me he had subscribed to an online PC maintenance service. After his paid subscription fee expired and they wanted him to renew, he declined. The so-called company then locked down his entire system and refused to release it until he paid. He didn’t pay. Instead, he bought a new PC.

Our aging population is simply creating a bigger target for the scammers. Email addresses of susceptible people are being passed around on so-called “sucker lists.” There are no real signs of improvement in email scams. Even though security software is getting stronger, the crooks seem to stay one step ahead with new techniques for hacking and fooling people into giving away their confidential information. It’s an area where we all must be more alert and monitor vulnerable people who are apt to fall prey to these scams.