Personalized Scams and How Not To Fall for Them

Most of us have received an email from a supposed Nigerian prince who promises to transfer a life-changing fortune to our account if we simply hand over our banking information to him. While it would be incredibly awesome if it were true, and we all momentarily fantasize about the wonderful personal consequences of the prince’s largesse, we know better than to share such privileged information with a perfect stranger, no matter how perfect he may seem.

But what if you received a more believable email from someone who seemed not to be a stranger at all? What if the purported sender seemed to know things about us that an impostor simply couldn’t? Would you consider it legitimate? Would you respond to it? Would you click on links in the body of message?

Unfortunately, scam emails and text messages are becoming much harder to resist, because they seem so authentic. Their senders have managed to make them more believable because they have access to all sorts of personal data about us. With so much data about every person available online, some of which we posted ourselves on social media sites and some of which was collected and aggregated by others at sites like Spokeo, scammers don’t even have to do something illegal to gather enough information about us to craft an email that at least makes us ponder its legitimacy for a moment. Worse, if they have managed to hack into our accounts, or if they have purchased data from another hacker who has managed to do so, they can pepper the scam email with even more remarkable detail designed to reel us in.

Indeed, if that Nigerian prince had been just a bit more plugged in, he might have been able to get us to fall for his ruse after all.

How can we avoid being tricked by increasingly sophisticated and believable scams? As always when dealing with Internet pitfalls, a healthy dose of cynicism and an abundance of caution will serve you well.

  • Check the address of the sender. If the email comes from an address you don’t recognize, it probably wasn’t sent by someone you know or who knows you.
  • Consider the author’s writing style. Does it read like an email the purported sender would write? Or, if the email was supposed to come from an organization, is it written professionally, with very few grammar or punctuation errors, or is it riddled with problems that would give your English teacher’s red pen a workout?
  • Hover over – do not click – the links in the message. Look at the bottom-left corner of the screen and see where the link you have resisted the urge to click actually leads. It could lead to doom. If it looks fishy, it’s a phish, and the email is a scam.
  • Don’t hesitate to communicate old-school. If you have doubts about whether an email actually comes from someone you know, don’t engage online. Call or visit the purported sender instead. A more personal form of interaction can better establish whether the communication is what it seems.

A little bit of diligence and care can go a long way toward thwarting email and text scams. Unfortunately, in this age of ubiquitous data, we have to keep our guard up, because perfect strangers know strangely too much about us. When the scammers go personal, you go punctilious.

About Ray Klump

Professor and chair of Mathematics and Computer Science Director, Master of Science in Information Security Lewis University http://online.lewisu.edu/ms-information-security.asp, http://online.lewisu.edu/resource/engineering-technology/articles.asp, http://cs.lewisu.edu. You can find him on Google+.

One thought on “Personalized Scams and How Not To Fall for Them

  1. February 21, 2019 at 4:58 pm

    great!

Leave a Reply

Your email address will not be published. Required fields are marked *