To Click or Not to Click, Could it be a Scam? How to Identify Scam Email and Safely Deal With It
Email, or e-mail, is often a trusted source of electronic communication for personal and professional applications. The first electronic message was sent between two different computers over 50 years ago and revolutionized the way we communicate. Unfortunately, email is sometimes trusted too much. Many people find themselves in a pickle after clicking on a link or attachment within an email that looks legit but turns out to be a scam. I will show you how to identify a scam email message and what to do when you encounter one in your inbox. But first, what is the difference between a scam and a spam email message?
Scam email is typically an attempt to take advantage of a situation and cause the recipient loss of money or use of their computer and data by secretly downloading a virus or ransomware. Whereas spam email is typically advertising from a commercial business in which you may or may not have done business with, to advertise items or services that may interest you. They are just annoying because it clogs up the inbox and important email messages often get overlooked. There is likely no cause for destruction if you click on a link within a spam email, however the scam emails are what to look out for. Below is an example of an actual scam email that was received by one of my clients.
The best initial indicator of scam email can be found in the email address of the sender. The name might say "Apple" but truth is found in the domain. It could be something completely different or appears to be nonsense. For example, Apple <firstname.lastname@example.org>. The senders email address has nothing to do with Apple. They do a good job of masking the email address to look like it is legit too. You can do a reply to the message and pay attention to the address to reveal any possible masks. Just don't hit send! Delete the draft message and you will be OK.
The scammers do their best by luring you in with important words or warnings to heighten your curiosity. For example, "Your Apple ID password has been reset." Of course, this would be a cause for concern if you did not reset your Apple ID password. However, don't be fooled. If you missed the sender's email address anomaly, the next best indicator of a scam email would come in the body of the email. The information won't make sense, contains spelling or punctuation errors, or does not apply or match your personal information. Sometimes extra emoji characters will be present in the subject line or throughout the body of the email. Often legitimate companies won't include these in their emails. In this example, the content reads quite well, however the spammer provided an Apple ID that is not the actual Apple ID of the recipient. Additionally, the content of the email may contain links for you to click to access or verify information. These links will often contain domains that are not associated with the source they claim. The links provided in the example are http://aeklink.com/appleid, the domain is aeklink.com.
Probably the most important way to know if the email is scam is it will be from something you did not request. Getting notification of a reset password that you did not make does raise a concern and should be verified, but not by clicking any links within the email that was sent to you. If you did just change a password and you received an email about it, chances are it's legitimate and will pass the test. To verify, go directly to the source by typing in the domain in your web browser, or accessing the application via your phone's app, to ensure security of the account. If you feel your account has been compromised, you should reset the password and any security questions right away and contact the institution or account manager.
Handling scam and spam emails requires a couple of steps and is easy. The best way to manage one when you receive it in your inbox is to mark it as junk and delete it. Many email servers will recognize any future emails received by these as junk and keep them out of your inbox by directing them to the junk or spam folders. It's a good idea to screen your junk and spam folders periodically as some good emails filter there. You can mark the good ones as not junk to restore to your inbox.
If you've fallen for the plot of a scammer and clicked a link or downloaded an attachment you now can't recover from, immediately turn off your computer. Use a different device to access your account at the source to notify and change passwords and security questions if applicable. Then call Texas Computer Guy to help ensure your computer is safe and free of any possible malicious spyware installed on your computer.