The more things change, the more they stay the same.
About 15 years ago, one of my team members was in the convenience store business. One day she found an interesting-looking envelope in her inbox. It was from Nigeria. Having been a stamp collector in her younger days, she was immediately attracted to the stamp and intrigued by the idea of getting mail from Africa.
Upon opening the letter, she was invited into a scheme to help a widow safely get her funds out of Nigeria and into a U.S. bank. Immediately suspicious, she contacted the local office of the FBI. While they were interested enough to ask for a copy of the letter, they informed her this was a known con tactic, and she needn’t worry about it further.
The FBI was surprised that she, the owner of a single convenience store, should be targeted by these con men. But when they heard the name of her company, it all made sense. Her company was called “Century Farm Oil”. So although it was a small business, to someone in Africa looking for wealthy U.S. business owners, it sounded much more substantial.
Nowadays, this scam has moved online with many others. The cost of looking for company names and sending physical letters is gone. So the net for catching likely victims has grown much wider. Anyone with an email address is now fair game.
In addition to more traditional cons like The Nigerian Scam (which is a variant of The Spanish Prisoner con from the 1920s), we now have phishing attempts, eBay scams, ransomware, and ever-more-inventive schemes to trick us out of our money.
In fact, as a computer company, we are always alarmed by the number of calls coming into our tech support desk from customers who have been a victim of phishing, malware, or viruses.
The most common ways to become vulnerable to such attacks are
- Shopping online
- Checking email
- Accessing social media networks
I discussed how to stay safe while shopping online in an earlier post. Today, I want to talk about how to stay safe while checking your email or social media accounts.
Rather than give you a list of specific scams (readily available elsewhere), I want to focus on some general principles for safe online activity.
Tip #1. Learn How to Spot Fakes And Scams Quickly
Your time is valuable, so why waste it trying to figure out if an email is bogus or not? You want to be able to spot a fake as quickly as possible so you can move on through your massive list of unread emails.
Here are the top things to look for and immediately cull from your reading list:
- The subject line contains a threat to shut off an account you don’t own. Example: the email threatens closure of your Wells Fargo account, but you don’t bank with them.
- The subject line contains a threat to shut off an account where you DO do business, but the URL is weird. Maybe the email is from W3llsFarg0.com instead of WellsFargo.com.
- The ‘from’ URL doesn’t look legit. Many URL’s won’t even be close. Example: the email claims to be from Amazon, but the URL is reply.alpha-lt.net.
- If you open such an email, are there lots of typos or is the English poor? Corporations only send out perfect copy.
Sometimes corporations do send out notifications of a problem, or information about attractive offers. But before you click on that link, be extra sure. Go to the company’s website the way you normally would, like if you were going to pay your bill. If the email is truly legit, there will be a notification waiting for you, or a description of the offer they have for you.
Sometimes corporations do send out emails inviting you to apply for a job. But before you click on that link, look up the name of the company on Google. See want you can find out about them on glassdoor.com.
If you supposedly won something, did you enter that contest or buy a lottery ticket? If you can’t remember, find another way to check out the URL before you click.
If it’s an online greeting card, is it from a reputable site? Google ‘online greeting card’ to find out.
If it’s an inflammatory news item, look up the topic in Snopes.com and check the facts… before you send it on to your mailing list, maybe making yourself looking silly to a couple dozen people, and potentially exposing them to potential scams.
And here’s my particular bugaboo: Just have a policy of not responding to chain email, ever.
Seriously, didn’t we learn this back when there was snail mail?
Even if it isn’t asking for money, the scheme may be a clever attempt to round up email addresses. Yet people are still willing to send on a chain of sentimental well wishes rather than appear to be uncaring.
Experts tell us that, most of the time, your friends who participate in chain schemes are NOT watching to see if you play along or not. They aren’t going to notice if you break the chain. And you shouldn’t feel any obligation to do so.
Tip #2: Install Malware Protection Software
I’ve written before on the dangers of ransomware. But that’s just one category of malware.
I wouldn’t run any computer, even one for non-business use, without malware and virus protection. It’s especially important to protect a computer you use for trading or other business/financial purposes.
When evaluating which software to buy, look for reviews from reputable sites, such as PC Magazine. Beware of reviews written by individuals who are really only interested in the commission they’ll make when you click their link to buy a product they recommended.
Look for software that will keep you from loading bad pages, that will block malware and viruses, and that will help you get rid of bad software if your computer does become infected.
And keep it updated. Otherwise, you won’t be protected from that new virus your outdated software doesn’t know about.
Finally, just in case, get decent back-up software and set it to run nightly.
Tip #3: Avoid Multi-Tasking
Even if you know what to look for, if you aren’t paying close attention when you’re scanning your email or clicking through social media, you could end up clicking on something bad by mistake.
Have you ever just been in autopilot mode, clicking on stuff without fully thinking about what you’re doing? Maybe someone is talking to you at the same time. Maybe you’re listening to radio or TV. This is just dangerous.
You wouldn’t enter a trade at the same time you’re having a conversation. It’s too financially risky.
Scanning and opening email or clicking on Facebook posts without really thinking can be financially risky too. Focus on what you’re doing before you click on something you haven’t fully read.
Similarly, the same thing goes for when you’re about to download something free. Often these pages will have tons of eye-catching green “Download” buttons, most of which are for downloading something else (like malware) rather than for downloading the software you really want. It’s extremely easy to click the wrong button if you’re not being super, super careful.
Tip #4: Be Proactive About Reporting Scammers
Notify companies any time their emails are impersonated. Most credit card companies have a special email for reporting fraud (e.g., [email protected]). Just Google “report fraudulent email”, following by the credit card name.
(Also, credit card companies will often have a page to help you spot phishing emails such as the one for Discover card.)
By the same token, look out for your friends on email. When forwarding stories (after checking them out on snopes.com) or jokes or funny memes, delete all the previous email addresses to protect the addresses of all those friends and friends of friends.
Tip #5: Let Friends Know if They’ve Been Hacked
If you get an email that appears to be from a friend’s email address, but it’s just a plain link or says something like “you’ll love this”, send your friend a new email telling them their email has been hacked.
In your email, suggest they change their password. Wouldn’t you want to know?
The same thing goes for social media. First, don’t respond to a friend request if you find yourself saying “I thought we were already friends.”
Then, go look at the profile picture. Go look at the entries on the timeline. If it’s an impersonator, there won’t be more than one or two entries on the timeline.
Finally, be a good friend and message your friend on their real profile. Suggest they change their password and post an update about the impersonator.
It’s a shame we have to be so vigilant about our online security. But at least by following these few tips, you’ll rest easier knowing you’ve done everything you can to protect yourself and your trading computer.
We hope today’s Quick Tip helped you. If you found this helpful, you’ll want to check out the other computer How-To’s I’ve created on this page. You can always call us if you have questions: 800-387-5250