Protecting Ourselves from Email Scams
It’s so important to protect ourselves from email scams and all different kinds of security issues in this day and age. So here I am to help you out with some of these issues.
Quote of the day: “Only two things are infinite, the universe and human stupidity, and I’m not sure about the former.” Albert Einstein
While I had to giggle at Einstein’s quote, I don’t think we are necessarily stupid when we get scammed or hacked. Most of us are hopefully trusting, and that’s where it gets hard.
Before I dive into the subject of email scams, I want to review a couple of security concerns for blogs and social media.
Blog and Social Media Security
Blog
If you have a blog over 6 months old, trust me when I say you need some extra security. I realize it’s an extra cost, but once you’ve put SO much time and effort into your baby, you don’t want it erased overnight.
I don’t understand why hackers want to waste their time on a fashion blog anyways, however, it happens. I’ve had a couple of issues myself, so my husband, who has a masters in IT suggested Sucuri. Rob recommended Sucuri because he used their service with a non-profit he was working for at the time. I do get a commission if you go through my link. It costs about $200 for the year, but they were extremely helpful when I was having Pinterest issues.
Social Media
Many of you are on social media as a hobby and way to keep up with the kids or grandkids. And that’s absolutely wonderful. I talked about the advantages of the internet and social media for older women this summer.
If you missed that post, or if you missed the part about two factor authentication, please stop reading now, and put it in place for ALL of the media sites you are on. I know it seems silly when you are doing this for a hobby only. But it’s such a hassle if/when your account gets hacked. Heck, it just happened to my mom on Facebook, so it can happen to you too.
BTW, I included the steps for the two factor authentication for Instagram, Pinterest, and Facebook in the blog post. What I forgot to include is the steps for Amazon. And since Amazon is big now, here’s what you should do.
Email Scams
First I need to thank my bestie, Maureen, for writing this for me. You may remember her from our Alaska cruise since she joined us on the cruise and in the blog photos. This scenario happened to her, and she handled it so wonderfully, I asked that she share it with all of us.
In Maureen’s words:
I received a message with an “Urgent – read now” subject line (first red flag). I don’t recall exactly what was listed as the sender, but it was something along the lines of “undisclosed” (2nd red flag). However, I was able to click on it and use a “detail” feature in my email to get more information. It then appeared to come from an email address with which I was familiar (a university at which I had gone on a retreat). This is known as spoofing a trusted email address.
Lesson 1 & 2
The body of the email indicated that the sender had “hijacked” my email account but was very vague on how it happened, just saying that sometime in the last “6 months” I had logged on in over an unsecure line (3rd red flag). I knew this was highly unlikely as I am very careful about when I put passwords into a computer -which is generally just my phone – and you should be very careful too (Lesson 1). Always use a secure wifi (not public) access. Also, especially if you’re ever going to a bank or financial site, make sure that the website itself shows security (htpps – “s = secure” and a “lock” icon).
I generally remain “logged in” on my phone and don’t even need to put in the password again. So unless the person had physical access to the phone or had a malicious link, I didn’t think they could have hacked the account. Lesson 2 – don’t ever click on links or open attachments from people you don’t know . . . or even if it appears to be from a friend but looks suspicious in any way, check with them first to make sure they really sent it.
The email then went on to imply that the sender had screenshots of “inappropriate websites” I had accessed over the last 6 months (4th red flag as I know I have nothing to worry about in that regard!) and indicated he/she would send to everyone in my address book and also potentially “lock my computer (phone?)” in 48 hours if I did not pay a $444 ransom in bitcoin (a untraceable tech currency); a link was provided to assist me in paying the ransom. Of course I did not click it (see lesson 2)!
Lesson 3 & 4
However, I was worried about 2 things. First, there are true cases of malware that gets put on computers and locks up all the files unless a ransom is paid; this usually targets corporations. But, just in case, I went to my carrier’s local store and spoke to someone. They agreed that this was almost assuredly a scam trying to extort money from someone not savvy enough to realize; however, they did tell me that my phone could be “wiped” clean and reset to the factory default if there truly was any malware that made this necessary. I wasn’t too concerned as most of my important information is “backed up” in the cloud and not permanently on my phone (computer).
Lesson 3 – have a backup storage plan. Even if something just happens where you lose your phone or it gets physically destroyed, you will be happy that you have things saved elsewhere. Second, I worried that somehow, if there was any chance of malware on my phone (unlikely since I have settings to scan incoming messages and regularly run a “check” for viruses, etc. . . . and you should too – Lesson 4), if there was a way that it would send out anything (virus, malware link, etc.) to people in my address book, I wanted to warn them not to open anything from me for the next few days (until the alleged deadline had passed). I told them what had happened and that I wasn’t going to be sending anything out.
I took a couple final steps to address any lingering concerns: First, contacted the University whose email address had been used. They indicated that they were aware of the situation and that their tech department was addressing it. I was asked to forward the emails (I got two more saying basically the same thing) and did so.
Lessons 5, 6, & 7
Finally, for my own peace of mind, I changed my email password. (I signed in and accomplished this task on a computer instead of my phone in case there was some sort of keystroke malware the phone. Lessons 5, 6, and 7 – although I’m sure you’ve heard this many times: Don’t use the same passwords on all your accounts (as it puts them all at risk if one is jeopardized); make your passwords complex – include capitals, small letters, numbers, and symbols; change passwords frequently (I aim for annually).
In the end, all was well, and for that I am certainly grateful. However, it certainly made me think about and review the practices I have in place to guard against fraud. Whether these ideas are new to you or just a review, I hope they were helpful.
Photo credit: Rob Filogomo
If You’d Like to Help Me
I couldn’t keep this blog going without your wonderful support and help, so thank you. If you have ever wondered what more you can do besides reading the blog, here are some ideas.
Follow me on other social sites to get totally different outfits and perspectives about life. You can find me on these platforms: Facebook, Pinterest, Instagram, and You-Tube.
Share, share and share wherever you can!!
This post contains affiliate links. When you shop through my links and side bar ads, it helps support my business (at no additional cost to you) so thank you!
Get the Inside Scoop
I’m bribing you to sign up for my emails by having a monthly giveaway for email subscribers only. I also update you on great deals and activities that you might find interesting along with some sneak peeks about what’s going on in our personal lives that I don’t share here on the blog. Just add your email address to the box that says email below.
