IT Service Desk‎ > ‎

Dealing with SPAM Email

HelpDesk tip ……


Q:  Help, what do I do with the strange email that I received.

Often, we receive odd emails that passed thru our email server.  The emails may come in the form of a fake voicemail attachment or instructed the users to verify their email addresses or user info and to do that by clicking on a link or opening an infected attachment.  To the user the email looked very legitimate.  Unfortunately for some this resulted in a virus on their machine, or files being corrupted or their account security being compromised.  

While every effort is made to provide a secure business environment,  the IT Dept also relies on the end users to be proactive by evaluating each email before clicking links or opening attachments. 100’s of new viruses occur each day.   Below are some of the most common malicious emails

  • "You have a New encrypted message from your bank"
  • "USPS is notifying you that your package is available for pickup"
  • "You have received your payroll invoice"
  • "Your FED TAX payment was rejected"
  • "Advisors Online Documents Activated"
  • "Transaction notification from your bank"
  • "To all Employees - Confidential Message"
  • "Incoming Fax Report"
  • “Your password is about to expire”
  • “Please verify your user info”

………….So.. how do you know what’s safe .. ?

Good question! Sometime you just can’t simply tell and you have to rely on your judgment.  But here are some best practices to help in those decisions.  Knowing how to avoid scams, spam and phishing is a critical life skill. There are some simple safety measures will help you dodge the risks – whether the scam comes via the phone, regular mail, an email, or somewhere online.

 

Answer: 

Best Practices 101-

Slow down.

Spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review.

Look for errors.

A great deal of spam is of poor quality with lots of spelling, grammar, and layout flaws. If you see obvious errors you know it’s a fake. However, the lack of errors does NOT make the offer legitimate. Smart scammers can spell, and they can make a fake email look as good as a legitimate one.

Research the facts.

Never believe unsolicited messages offering financial solutions, hot stock tips, refinancing etc. If the email looks like it is from a company you use, do your research. Use a search engine or contact the company directly (see #6) to learn more. If the offer is for an investment, have someone at your bank, a financial consultant, or trusted advisor review the deal before handing over a dime.

Delete any request for financial information or passwords.

If you get asked to reply to a message by providing your bank account, bank routing information, credit card numbers or passwords, it’s a scam.

Reject requests for help or offers of help.

Legitimate companies and organizations do not contact you to provide help. If you did not specifically request assistance from the sender, consider any offer to ‘help’ restore credit scores, refinance a home, etc. a scam. Similarly, if you receive a request for help from a charity or organization that you do not have a relationship with, delete it. Charity scams tug on heartstrings especially after a disaster strikes. To give, seek out reputable charitable organizations on your own to avoid falling for a scam, and research how much of the money donated will actually get to people in need.

Don’t let a link in control of where you land.

Stay in control by finding the website yourself using a search engine to be sure you land where you intend to land. Hovering over links in email will show the actual URL at the bottom, but a good fake can still steer you wrong. Curiosity leads to careless clicking – if you don’t know what the email is about, clicking links is a poor choice. Similarly, never use phone numbers from the email; it is easy for a scammer to pretend you’re talking to a bank teller.

Comments