A friend recently posted on social media that he was scammed. His computer was hacked by a phisher pretending to be from the financial technology company PayPal. The scam involved receiving a message from a credit union stating he had bought something that he hadn’t. When he called PayPal at the attached number, it wasn’t really them. The hackers took control of his computer and tried to steal $20,000. Now my friend is facing the nightmare of trying to protect his accounts and credit and regain access to his computer. There are a couple of quick takeaways.
Getting hacked can happen to anyone – including intelligent people – and it can be a frightening and aggravating experience. Among the most common ways to be scammed involves receiving an email that fraudulently claims to be from a familiar company such as in the story above. Large companies such as PayPal work to address issues involving phishing. The act is defined as illegal attempts to “fish” for your private or sensitive data. Should you receive a suspicious email from someone spoofing PayPal, or phishing, the company encourages you to forward the entire email to [email protected]. They ask that you do not alter the subject line or forward the message as an attachment. After, they suggest that you delete the suspicious email from your email account. As with any questionable email, avoid clicking on links that may harm your computer. Many other companies have similar policies and will work to protect consumers and combat fraud. But they do rely on folks to report spoofing and phishing attempts to them.
Online scams are extremely prevalent; thus, consumers cannot trust every email they receive. Scammers work hard to make their emails seem realistic, even duplicating company logos in some cases. Often, there are hints of a scam. This may include an improper company address. Frequently, the web address is scrambled or looks suspect. (Tip: You may not always rely on the “s” for secure in http as advanced hackers can now build encrypted sites.) Or there may be misspellings, typos, or poor grammar in the subject line or body of the email text. The greetings may also be impersonal and read “Dear user,” or “Hello member,” whereas authentic communications will generally use the name of the person on the account.
Phishing emails often use scare tactics – demanding personal account information or indicating that there is a problem with your account. Legitimate companies do not issue ultimatums. Thus, scare tactics are a common red flag of a scam. There are many wise ways to protect your personal information from phishing and fakes. This includes being aware of scams, knowing ways to spot them, and safeguarding personal information. If you have questions over an email’s validity, do not click on links or use contact information they provide. Instead, contact the company directly with a phone number or email address that you independently verified and know is authentic. And, as always, report fraud, scams, and bad business practices to the company and/or to the Federal Trade Commission (FTC) so that they can investigate and help fight fraud.