Monday, December 14, 2015

A Simple Way to Avoid Email Scams

P.T. Barnum said, 'there's one born every minute.' That famous old circus entrepreneur was referring to those gullible among us who seem to fall for every get-rich-quick scheme or miracle cure that comes along.

What Barnum might also have said--or certainly implied by his original statement is, that for every sucker, there is also born someone who will try to take advantage.

One of the places where you'll find a scam a minute is your email inbox.  You've seen them; the email from a Nigerian prince or weeping widow telling  you that if you'll only provide your bank account information, you'll be a rich man when they transfer some ridiculous amount of money into said account. Another really silly scam is the one where someone hijacks someone else's email account and then sends a frantic email to all their contacts saying the hijackee is stranded in some country and needs money to get out. You'd think no one would fall for such obviously hokey stuff, but many do.  Don't you be one of them.

Some other email scams are not so obviously phoney--on the surface at least. Sometimes, scam artists phishing for personal information, will use familiar names, or subject lines that seem to make sense, in an effort to get you to open their emails and hopefully click on the links included--which then gives them the opportunity to stick a virus into your computer and hijack your information. When you see an email from a familiar name, or the subject line is one that you might normally receive, it's tempting to treat it as routine business. My advice is, if you're not 100% certain, don't open it. Use the preview pane utility available with most email services. If you do open it, don't EVER, and I mean NEVER, click on any link in it--and, that goes for links from people you know. They could very well be sending a malicious piece of malware without even knowing they're doing so.

But, here's the real insidious thing about familiar looking emails: they're not always from the people whose name appears in your email list. Black hat hackers have the ability to put whatever they want in that part of the email that appears on open lists, masking the metadata (all that junk with strange symbols that tells you where and who the email really came from). How do you guard against this? Here's something I routinely do. When I get an email from someone familiar, but from whom I've not heard in a long time, before I open the email, I hover the cursor over the FROM name in the email list, and PRESTO! I see the email address. If the address in the popup is unfamiliar, I immediately delete the email.

Here's an example of what I mean. In my inbox today was an email from James Entwhistle with the subject line: Office of the Us Ambassador.  The name was familiar, but take a closer look at the subject line. U.S or US is not normally written Us by educated people--certainly not people in my particular crowd (long-time U.S. Government employees). So, right away, I'm a bit suspicious. The next thing I do is hover the cursor over James Entwhistle, and what I see in the popup box is Now, that might be a valid email address, and if it is, I apologize to Mr. Entwhistle, but it certainly looks bogus to me. So, that email goes in the trash, and I'll never know what it contained. But, it it was bogus, that hacker didn't get into my computer that time.  I might be a bit paranoid, but I do the hovering cursor thing with a lot of my emails, even when they're from people I know well and communicate with often.  I've been hacked before, so I've become extra cautious.

Anyway, I just wanted to share that little bit of information, and I hope it was useful. If you're aware of any new Internet scams, or ways to protect yourself, please share them in the comments.