You wouldn’t tell a random stranger your PIN and hand them your debit card, so why would you treat the Internet any differently?
E-mail scams are nothing new, but they’ve been increasing in number as the worldwide economic crises deepens. Worst of all, these scammers are getting more ingenious with every passing day. Chances are most people only have moderate technical skills, and are no match for hackers. Nevertheless, there are ways to recognize a scam and counteract it before you become a victim of identity theft.
Focusing on e-mail scams, the main types are as follows:
- Foreign Money: Some person or company has a large amount of money they wish to access, but for some reason they need your help to access the money through using your American bank account. If you are willing to hold the money in your account, they will give you a percentage for helping them avoid taxes or some other financial loss they wish to avoid.
Reality: Unless you are a large corporation, why would some person/company randomly ask a stranger to use their bank account? It’s pretty shady from the start, and it’s just some thief trying to get access to your account and clean you out.
- Inheritance: Your great Aunt so-and-so has passed away and you are the only living heir. Or perhaps it is a person you are not even related to, but for some reason this complete stranger has named you in their will as an inheritor to their estate. Usually this letter has a lawyer approaching you requesting information for them to transfer your inheritance into your private account.
Reality: First of all, if you have any living relatives who are older than you, why would you be the only living heir? Furthermore, a millionaire who couldn’t distinguish you from any other person is not likely to all of a sudden magically or psychically list your name on their will. Again, it’s just a thief trying to get into your bank account.
- Phishing: A company you normally do business with, such as your bank or a retail store, sends you a letter or pop-up explaining that they believe your account has been accessed by an unknown third party, or that they require information to process paperwork concerning your account. They even include links for you to follow that will take you to a legitimate looking site bearing the company’s name and logo.
Reality: Hackers, by their very nature, have extensive knowledge about computers and creating web pages. Therefore, creating pages that look exactly like a legitimate company’s page is child’s play to them. Whatever information you enter into their phony site gives them full access to your identity.
- Overpayment/Underpayment: A legitimate looking letter from your bank, a department store, or even the IRS, arrives in your e-mail explaining how you have either overpaid or underpaid them by some margin. They give you a rather brief time limit to respond before negative consequences will result. Similar to phishing techniques, they either provide a false web site that looks legitimate for you to fix the supposed problem, or they simply request you e-mail them with specific information.
Reality: As high-tech as our world is, most organizations will still send you a check for overpayment through standardized mail. Likewise, if you are behind on any account, you will receive documentation through standardized mail instead of through the Internet. Some companies do prefer to send messages via e-mail due to being more eco-friendly, but they are unlikely to ask you for banking information upfront.
- Letters from Work: You get mail from your company and coworkers all the time, and you just received a message about how the IT department is installing some new information and needs everyone to submit their username and password. Or perhaps your human resources department needs to update your tax and banking information. Maybe the letter is from someone at your office who has a fantastic business opportunity they would like to include you in.
Reality: IT departments set up usernames and passwords, and would not need you to send them any information. Human resources may contact you through e-mail, but would most likely need you to fill out banking/tax information in triplicate on real paper. If someone in your company has a great business idea, why are they not coming to you first if they’ve never met you in person? Most likely your office or one of your coworkers has been hacked, and the hacker is using the hacked account’s address book to send out more spam.
- Pleas for Sympathy: Some tragic or horrific event has happened in a distant country. The sender explains to you what has happened, tries to appeal to your sympathetic side and perhaps your religious affiliations as they plead with you for a donation. Some will provide a link for you to donate your money through, and others will ask for your personal information to send you pamphlets and fliers about the situation.
Reality: How exactly are these people in tragic circumstances getting online? More importantly, if they’ve been so tragically affected, how have they had the time to build up web pages for people to donate money? Finally, how did this person obtain your e-mail address? Once again, this is just some person using your good nature against you.
Beyond immediately deleting or ignoring these e-mails, what can an average person do about these crooks and their scams? More importantly, what steps should be taken to avoid being victimized?
As an active citizen against identity theft, there are several ways you can help stop these criminals.
First of all, report any of these scam e-mails to the appropriate authorities. Most e-mail service providers have a “spam” option that can help identify e-mail addresses sending out scams. Additionally, many companies with a strong online presence have departments dedicated to finding and stopping these criminals. In most cases you simply forward the suspected e-mail to the proper department at the company and they will help take care of the problem. Plus, when you notify a company of an ongoing scam, they can send out massive warnings to their customers to help prevent the scam from claiming new victims.
The best way to avoid identity theft is to not become a victim in the first place. To do so you should:
- Be careful concerning personal information you submit through the Internet. Granted, you will have times when you have to submit information, but verify that that person/site is legitimate. It is highly unlikely that any place of business needs your banking information transmitted through e-mail, and in fact a legitimate business would prefer to have you submit that information in person.
- Do not follow every link. If the supposed company sending you the e-mail is a company you regularly do business with, manually type in the businesses homepage on a separate web page. Verify your account information with the information from the e-mail to see if anything is inaccurate, and report the e-mail as spam if necessary.
- Be careful of downloading unverified documents. If a stranger sends you an e-mail with a document to download, always run a virus check before you download anything. Additionally, it is a good rule to not download anything from strangers. Downloading unknown information could plague your computer with viruses or create a backdoor for hackers to steal your information.
Even if you recognize an e-mail to be an obvious scam, don’t let your temper encourage you to write an angry e-mail in reply to the spammer. It might make you feel better to tell the person off, but it also tells the spammer that your e-mail address is active. Instead of yelling at a person who will never listen to you, do everything in your power to have that person found and arrested by the proper authorities.