Security spotlight - Email Scams
Are you email savvy? Despite being around since 1971, email is still a communication tool most of us use today.
Its wide use and reliability continue to give it the edge against emerging messaging platforms, however, it can be the cause of a lot of problems, frustrations and cybercrime.
In this 2 part blog series, we're going to help you become more email savvy in two areas: firstly we will look at how to avoid email related scams and the next time we'll look at general email knowledge.
What is 'phishing'?
Phishing is when someone emails you trying to get personal information (like bank account numbers and passwords), so they can use it to defraud or impersonate people. These emails can look very real, and some will even use the branding and logos of a legitimate organisation to make the email seem genuine.
They could be pretending to be from your phone or internet company, a law firm, your bank or even the government. The scammer might ask you to update your details, provide details, make a payment or another request that gives them access to your personal information.
Phishing scammers will contact a large number of people in the hope that some of them will fall for the scam. These scams can seem like they’re being sent just to you, but in reality, the same scam is likey being sent to thousands of people at the same time.
Sometimes they will say you have some kind of ‘deal’ to be claimed. For example, a scammer may send out an email telling people they have won a lottery, and to claim the winnings they need to provide some details. Other phishing scams use scare tactics, where the scammers try amd threaten legal action if you don’t give them information or money.
How can I protect myself?
The good news is that there are some basic rules that will help keep you safe:
- Don't open emails from someone you don't know or trust - If it seems fishy, it probably is. Report the message as spam and move on.
- Avoid sending any sensitive information over email - When you send a message, you no longer have control over what is done with it or to whom it is forwarded. Sensitive information such as passwords and bank account numbers.
- Be cautious about emails asking you to update or verify your details online
- Be cautious of emails saying you’ve won prizes from competitions that you don’t remember entering
- Be cautious of emails that try to get you to act quickly by threatening you with legal action or loss of an account
- Ignore any emails asking you to provide personal information like passwords, or banking information - Remember legitimate organisations like banks will never ask you to send them your password
- Only open email attachments when you’re expecting them
- Use antivirus software - It is highly recommended that you install and maintain good and well-respected antivirus software on your computer to prevent infection. Scan all email attachments with an antivirus program before downloading, even if they come from someone you know. Don't have antivirus software? We can help install the right solution for you.
If you’re unsure if an email is from a legitimate organisation, you can contact them to ask. If you do contact them, make sure you go through their official contact channels – don’t use the phone numbers, websites or email addresses included in the email.
If you’re still not sure if an email is legitimate you're welcome to contact us for advice and as we've said before, the Golden Rule applies - If it sounds too good to be true, it probably is!
If you have already become the victim of a scammer and given out your personal banking details or sent money to the person who scammed you, contact your bank as soon as possible to stop anything in progress.
Next, you'll want to reset your passwords. You can then bring in your devices to us and we'll give them a check over to give you the peace of mind to use your device again once everything is under control (we can also help with resetting passwords and updating your devices if needed). We can also recommend and install anti-virus solutions on your devices to give you an extra layer of proactive protection.
If the scammer is pretending to be from a legitimate brand you can forward it to that organisation so they know about it and can help protect others:
- BNZ firstname.lastname@example.org
- ASB email@example.com
- Apple firstname.lastname@example.org
- ANZ email@example.com
- Countdown: firstname.lastname@example.org
- Waka Kotahi (NZTA): email@example.com
- Westpac firstname.lastname@example.org
- TSB email@example.com
- TradeMe firstname.lastname@example.org
- PayPal email@example.com
- Kiwibank firstname.lastname@example.org
- IRD email@example.com
If you're unsure or would like to learn more, please don't hesitate to give us a call and we will be happy to give you some advice.