Top Do’s and Don’ts – Email Scams
20th June, 2017
Following on from our previous post, an introduction to phishing, we wanted to share some top do’s and don’ts on coping with email scams with you.
The Do’s:
Think – Does it look legit? Is the spelling or grammar wrong? Do you know who it’s from and if you think you do, would they send it?
Update – Keep your software, operating system and antivirus up to date (if you don’t have antivirus software then you need to talk to us now!).
Check – If you have doubts about a link or attachment, don’t touch it. If you want to be certain, check. Try putting the subject header into Google with scam at the end (e.g. ‘Google Doc Scam’) – you’ll be surprised how much pops up.
Double check – Call the company/bank/supplier. Don’t use the telephone numbers in the email, look up the number on the company’s website. Or use one from legitimate paperwork such as an invoice you’ve already received.
Triple check – We know, it’s getting boring now, but we just can’t emphasise enough how important this is. Look at the website address, it’s often very similar to the real one. Barclayz.com instead of Barclays.com – it’s easy to miss. If it purports to be from a regular supplier, try typing their website into your browser address bar.
Also look at the email address. If it is supposed to be from the Royal Mail for example, you would expect the email address to match their domain eg xxx@royalmail.com. If they don’t match, do not open it.
Beware – Of threats like ‘your account is about to expire’ or ‘overdue invoice, pay now’. These are tactics to induce fear and panic, increasing the likelihood of you clicking where you really ought not.
And the Don’ts:
Just click – If you do open the mail and it asks you to click on a link, be sure it’s what it says it is. If you’re using Outlook you can hover the mouse over the link and it will show you the actual website address, which might be very different to how it appears in the mail. If it’s something like your bank, login via your normal method.
Give away the crown jewels – No reputable company will ask you to supply user names, passwords, PINs, bank account details and so on. If you’re asked for this in an email, delete it.
Be fooled – By embedded logos or e-mail addresses – they are easy to spoof and they may look right, but these guys are good.
Send money – When you get a sob story from a complete stranger, who claims to know you via a friend or colleague, and is apparently stranded in the back of beyond and unable to meet the medical bills for injury they sustained in a ‘moped accident’ or similar. Probably the worst injury he’s picked up is repetitive strain from all the time bashing away on a keyboard while he’s crafting this scam.
Forget to do the basics – check your bank account and credit card statements for irregular or unusual transactions.
As always, we are here to help, so please call us on 01784 437 123, if you believe you have already fallen foul of a scam.