"Your electricity is about to be cut off!"
"Click this link for an update about the package you sent."
"Your subscription is about to auto-renew! Click here to cancel it."
"What you need to know about COVID and family gatherings this holiday."
"Important year-end information from the IRS about your tax withholding."
Scammers are gearing up to send millions of year-end-themed emails that look very real, but are designed to collect your passwords, banking information, and infect your computer with malware.
Is the email urgent? Does is it make you afraid something bad is about to happen? Is money a part of the email's message? Those are clues it's a phish.
Here's an example of an actual phishing email that's making the rounds. See if you can spot the clues that it was sent by a scammer.
> Google and the websites you visit can track what you do online even when you set your web browser to "Incognito Mode." Google CEO Sundar Pichai told the Wall Street Journal that users' privacy expectations "are evolving" and that Google now automatically deletes records of users' web activity after 18 months.
> Up to 40% of product reviews online are fake, says PC Mag. Some retailers send social media users free products and pay them a few dollars to leave glowing reviews, according to Harvard Business Review. Earlier this month, the FTC warned retailers that posting fake reviews may lead to fines up to $40,000 per incident.
> A fake news report that a 5-year-old girl had been kidnapped is an example of how cyber crooks are stealing users’ passwords. A video about the non-existent “kidnapping” was posted to social media feeds in Ontario, Canada in mid-October. Users had to provide their social media passwords to watch the video.
"Is it safer to pay using PayPal, the website's own payment link, or my bank?"
Reputable payment platforms like PayPal, Google Pay, Apple Pay, and Shopify are engineered to be safe. But before you make a purchase online, look closely at where you're sending the payment. Is the web address "paypal.com" or "pay.google.com", not something close to it? If you're buying from an unfamiliar online seller, consider using a reputable payment platform instead of paying the retailer directly. If you need to make a return or if the product never shows up, you have a better chance of getting a speedy refund. As for your bank, visit its website directly to make a payment instead of clicking on the link in an email.
"How can I reduce the amount of junk mail I get without having to create a new email account?"
Opening a new email account won't solve the problem. In Gmail, select the spam you want to get rid of and click the exclamation point icon above the email to avoid getting similar emails in the future. In Outlook, click home > junk > junk email option and decide how aggressive you want your spam filtering to be. (The more aggressive the setting, the more likely you are to miss legitimate emails.) And be stingy about sharing your email address. Some retailers, non-profits, and political campaigns sell customer email addresses to make money.
"I still receive emails at my old Gmail and AOL accounts that I have not used in many years. Why does Google allow these accounts to be used? How can I block them?"
Delete any email account you no longer use. As long as it's active, spammers will send messages to it.
Aware Force Cybersecurity News • October 2021 d • Edition #132
Cyber cartoon © 2014 Randy Glasbergen
Original content © 2021 Aware Force LLC
Aware Force is a registered trademark