by David Olson
NDVS/SB Information Technology
With the upcoming holidays, there is an increase in email and mobile phone scams. Scammers and hackers are calling or sending fake messages to gain information on things like passwords, account numbers, and social security numbers. If scammers gain that information, the effects can be devastating and damaging to your accounts and credit.
Text Messages
If you get an alert text message from your bank or a well-known business for a prize, try to take a moment and reflect on whether this email or message is really from the business. Before you take any action, the best option is likely to search online for the correct support or contact information if you have any questions. A few minutes to search for the business’s support number versus being hacked is well worth the time to find a proper contact. Below are more warning signs to watch out for in text messages.
The text message contains a suspicious link.
This is a huge warning sign. If the text message contains a suspicious looking link, it is a text scam. Do not click on the link or follow prompts from these fake text messages.
The message has no relevance to you.
If the message is completely random, unprompted, and has no connection to you or any activity you’ve undertaken, it is most likely a scam. The spam text message may say you’ve won a contest, a prize, or free money. An increasingly popular text scam is one which says there’s a delivery issue with a package.
The message is urgent or needs immediate action from you.
The message is urging you to act now. These types of fake text messages could pretend to be your bank or a government agency.
The text message contains misspellings or poor grammar.
Spam text messages can be identified by poor grammar, misspelled words, and awkward use of language. Real text messages from legitimate businesses will use proper grammar, punctuation, and spelling.
The text message is coming from a strange phone number or suspicious email address.
If a text message is coming from a lengthy and/or suspicious looking email address, it is a spam text message.
In all of these cases, the best thing you can do is contact the business directly before taking any action.
Emails
Emails are like texts, but it can be hard to spot a potentially malicious email. To decide whether an email is legit or not, it is worth taking time to listen and review the sections of the email message. The sections of an email and what to watch for are outlined below.
“From” line of an email:
· I don’t recognize the sender’s email address as someone I ordinarily communicate with.
· This email is from someone outside my organization, and it’s not related to my job responsibilities.
· This email was sent from someone inside the organization or from a customer, vendor, or partner but is very unusual or out of character.
· The sender’s email address is from a suspicious domain (like micorsoft-support.com, notice the misspelling of Microsoft).
· I don’t know the sender personally and they were not vouched for by someone I trust.
· I don’t have a business relationship nor any past communications with the sender.
· This is an unexpected or unusual email with an embedded hyperlink or an attachment from someone I haven’t communicated with recently.
“To” line:
· I was cc’d on an email sent to one or more people, but I don’t personally know the other people it was sent to.
· I received an email that was also sent to an unusual mix of people. For instance, it was sent to a random group of people at my organization whose last names start with the same letter, or a whole list of unrelated addresses.
Date line of an email:
· Did I receive an email that I normally would get during regular business hours, but it was sent at an unusual time, like 3 a.m.?
Subject line of an email:
· Did I get an email with a subject line that is irrelevant or does not match the message content?
· Is the email message a reply to something I never sent or requested?
Attachments:
· This is a huge red flag if you do not know who is sending you the email.
· The sender included an email attachment that I was not expecting or that makes no sense in relation to the email message. (This sender doesn’t ordinarily send me this type of attachment.)
· The attachment is a possibly dangerous file type. The only file type that is always safe to click on is a .txt file. Many others can launch and do harm to your computer.
Hyperlinks:
· I hover my mouse over a hyperlink that’s displayed in the email message, but the link-to address is for a different website. (This is a big red flag.)
· I received an email that only has long hyperlinks with no further information, and the rest of the email is completely blank.
· I received an email with a hyperlink that is a misspelling of a known web site. For instance, www.bankofarnerica.com (notice the “m” is really two characters, “r” and “n”).
Content:
· The sender is asking me to click on a link or open an attachment to avoid a negative consequence or to gain something of value.
· The email is out of the ordinary, has bad grammar, or spelling errors.
· The sender is asking me to click a link or open an attachment that seems odd or illogical.
· I have an uncomfortable gut feeling about the sender’s request to open an attachment or click a link.
· The email is asking me to look at a compromising or embarrassing picture of myself or someone I know.
If you made it this far, thank you! You are on the right track to putting the stop to unwanted attacks on your personal information and accounts. Communication points are such a targeted item as we often rush to help or click on something that seems like a good outcome. Taking these precautions can really help you be a safer online connected person!
If you have any questions, reach out to Dave at davidolson@nd.gov or 701-795-2712.