Avoiding Scams: Be Vigilant With Your Personal Data
As we enter into another busy Tax Planning season, we would like to remind our clients to be vigilant with their personal data. Hackers are continuing to get more sophisticated in their attempts to steal financial information. One example of this type of scam is phishing–where criminals send an email that appears to be from a legitimate company and ask you to provide sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam. The term ’phishing’ is a spin on the word fishing, because criminals are dangling a fake ’lure’ (the email that looks legitimate, as well as the website that looks legitimate) hoping users will ’bite’ by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, usernames, and more.
Here are some clues indicating an email is a scam:
- The email is not addressed to the recipient.
- Grammatical errors or unusual grammar or phrases.
- A sense of urgency to respond: Is the message unusually pushy, asking for immediate action (often paired with some sort of dire consequence if you don’t respond)? Don’t take the bait and act out of panic.
- The link in the email doesn’t match the destination address
- And, finally, learn to trust your gut. If something seems amiss, it probably is.
Applying these two actions consistently will help to protect you from online scams:
- The easiest, and still one of the most effective, ways to protect yourself is to verify the sender. First, hover over the From display name to see what email address pops up (to hover, move your pointer over the information that you want to verify). It’s very common for an attacker to spoof a display name to look like it is coming from someone legitimate, but when you hover over the display name you’ll often find that message is actually coming from someone else.
- Another option—pick up the phone and give the sender a call. There’s nothing like a good old-fashioned, pick-up-the-phone and ask the person if they meant to send you the link or email document. If you do fall victim to a phishing attack, change all your passwords and notify your financial institutions immediately.