While wandering about the net I chanced on an article from Microsoft. It’s a concise overview of what to look for in a well-crafted scam. Fortunately for us most scams aren’t as well constructed, so they usually have one or two of these earmarks: shortened URLs, wacky email addresses, weird information, and will almost always ask for your sensitive data.
Often the scam will try to play on your emotions to elicit a response. One such scam is in the form of an email from a friend stuck in a foreign country who lost their wallet and needs money to get back home. The victim sends money to an overseas money order location and the scam is complete.
Below are some ways to help pick out the scam from the real emails:
* Shortened URL – For example http://bit.ly/duKtKC is a link to the homepage of this blog but it could be a link to anything. This is tricky since Twitter has made these quite popular, but no self-respecting business (other than Twitter) is likely to use them in official correspondence.
* Wacky Email Addresses – While I wrote this I also signed up for a new email address: firstname.lastname@example.org. Any spammer can do the same (often to avoid blocked sender lists). No self-respecting business or organization is likely to have such a nonsense address.
* Strange Information – Often scammers will try to impress or scare you with information they’ve picked up on-line. However, this information is usually inappropriate to the e-mail. So if your bank is contacting you with info about your coworkers, or Amazon is asking you to pay for something you ordered last year, chances are the email is a fake. Another thing to look out for is made-up info. If a scammer can’t dig up anything on you they may resort to fabrication.
* Information Requests – Usually the point of any email scam is to get info from you. To this end the email may ask for your credit card number, social security number, or your username and password. Since this is a known tactic for scammers no legitimate business or organization will ask you for this personal information by email.
* Requests for Money – As a general rule never send money to an unsolicited request, especially if the recipient is overseas or they are unknown. In addition to the above example where a friend is stuck in a foreign country another scam involves cashing checks. One example of this scam involves a person, let’s call them Jake, renting out a room online. The scammer, who Jake has never met, sends in the rent check but then a few days later gives a sad story requesting the money back but says Jake can keep the deposit for his trouble. Jake sends a new check or a money order for the remainder only to find out later that the original check bounced. Now Jake is left without the money he sent and is stuck with the bounce fee.
The ten-second summary of all articles of this nature is this: Don’t click on links in emails unless you really do know where that link is taking you, don’t give out passwords, credit card numbers or other sensitive info, and don’t send money overseas or to unsolicited requests.