Handling the Hucksters
Scammers will try to take advantage of every situation—every scam, con and swindle is created in effort to steal your personal and financial information. Don’t let them. Be skeptical of every unsolicited phone call and email you receive, and take care when surfing the web.
Hang Up on Phone Fraud
- Don’t answer calls from phone numbers you don’t recognize or from calls you’re not expecting. If you answer and discover it’s a robocall, just hang up. You don’t need to say anything and you don’t owe any explanation.
- Never give personal information to unknown callers or allow them access to your computer over the internet. Instead, hang up and call the organization directly to find out if the call was legitimate.
- If someone calls and claims to be with a government agency, no matter how official or serious the situation sounds—hang up. The longer you stay on the line, the more likely you are to become a victim.
- Don’t trust callers just because they know some of your personal information. Due to numerous data breaches, many fraudsters are providing victims with their SSN to build trust.
- Contact the agency that supposedly called you. Look up the number on your own—don’t trust your caller ID or the number the caller may have given you.
Don’t Get Hooked by Email Phishing Schemes
Phishing is one of the most popular email scams. Hackers use “bait”—a seemingly legitimate file or link—to “phish” for victims and gain personal information. Email security threats come in many forms. Here’s how to recognize fake emails.
- Don’t trust the display name. Often, a phishing email will come from an address that appears to be genuine. Hackers aim to trick recipients by including the name of a legitimate company within the structure of the email and web addresses. If you only glance at these details they can look legitimate. However, if you examine them, you may find that it’s a bogus variation intended to appear authentic—for example, email@example.com rather than firstname.lastname@example.org.
- Look but don’t click. Hover your mouse over any links embedded in the body of the email. If the link address looks suspicious, don’t click on it.
- Check for spelling mistakes. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.
- Analyze the salutation. Beware any email addressed to a vague “Valued Customer.” Legitimate businesses often use a personal salutation with your first and last name.
- Don’t provide personal information. Legitimate banks and most other companies will never ask for personal credentials via email.
- Beware of urgency and drama. Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”
- Review the signature. Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.
- Don’t click on attachments. Hackers commonly include attachments that contain viruses and malware, which can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
- Don’t believe everything you see. Phishers are extremely good at what they do. Just because an email has convincing brand logos, language and a seemingly valid email address does not mean that it’s legitimate. If it looks even remotely suspicious, don’t open it.
- Don’t be fooled by scammers running fraudulent fundraisers. GoFundMe.com offers detailed advice about how to distinguish a genuine GoFundMe campaign from a fake one.
Stay Secure When Web Surfing
- Only visit secure websites with domain names you recognize. A secure website begins with https:// rather than http:// and has a padlock symbol in the top left corner. That “s” stands for secure and means that your data is encrypted as it passes from your internet browser to the website’s server. That “s” does not mean the site is legitimate, however, so make sure you recognize the organization and domain name. Bookmark trusted websites for future use.
- Choose strong passwords. Use uppercase letters mixed with lowercase letters, numbers and, if the system allows, special characters. Do not include any personal information in your password that hackers can guess from other personal information they obtain. Do not use the same password across multiple websites, because that increases the chance of having the password compromised. Do not use a single word spelled correctly in any language. This is the time to intentionally misspell a word or use numbers and symbols in the place of letters.
- Choosing a strong password is easier said than done, right? And how do you remember all those strong passwords? Invest in a good password manager (bit.ly/2yUlz0i) that has other security features.
- Install antivirus software on your computer and keep it up to date.
- Invest in identity theft protection (bit.ly/2Z1H75V).
- Monitor your credit for free (bit.ly/2Wsk3LO).
First-Line Defenses for Scams
- AARP Fraud Watch Network (aarp.org/money/scams-fraud): Call 877-908-3360 to talk to a trained volunteer on the Fraud Watch Helpline.
- California Attorney General’s Office (oag.ca.gov/consumers#topics): Learn about common scams and other consumer issues.
- FBI (ic3.gov/default.aspx): File a report with the Federal Bureau of Investigations Internet Crime Complaint Center.
- Federal Trade Commission (ftc.gov): File a consumer complaint, report identity theft and register for the Do Not Call list. Report suspicious emails to the Federal Trade Commission at email@example.com. If you believe you have been taken advantage of by a spam scam, file a complaint with the FTC online at ftc.gov/complaint.
For more Village news, click on the tag “What’s Up in the Village” below.