It's really not that difficult to spot scams or hoaxes, really. Mainly, we all need to take a wary perspective of anything that looks suspicious. Did you get an email from a friend or family member - or someone you haven't heard from for a long, long time - and it just doesn't seem like something they would send? Or, does the email you receive look unprofessional - or have spelling or grammatical mistakes? Something seem "off"? You're probably right - and the best action to take is to simply delete it. Don't open - don't click - just delete.
Here are some more specific tips on recognizing and reacting to scams and hoaxes:
- Most companies have a very strict policy to respect your privacy. They will never ask for you to enter your account or financial information online. So if an email asks you to click a link to log in to an account, "verify" your password, credit card, social security information or anything else you should be keeping secret, do not enter it. This method to collect your personal or financial information is called "phishing". Another tip: If you hover (don't click, but hover) your mouse over a link in an email, you will be able to see the link somewhere on your screen. This is an extra step to look for a URL that looks suspicious (for example, "http://mychasebanking.com" instead of "https://chase.com".
- The adage is also rings true online: If it seems to good to be true, it probably is. One of the simplest forms of scamming is to promise riches and prizes. Online lottery winnings and being rewarded an inheritance sounds great, but in the end - you will be asked to enter your financial information into a fake form and you'll experience the reverse of winnings.
- On the other hand, some scammers use scare tactics instead. Did you get an email from a friend that "posted a video of you online?" Or a relative about being mugged in England? Or held ransom? Or are they requesting you send money online? Call them instead - and ask them to change their email username and password.
- Attachments are an easy vehicle for spreading viruses or malware on computers. Never, ever open an attachment unless you are expecting it and trust the one that sent it.
- Hoaxes are typically less threatening - but we'd do the Internet much justice by trying to stop them instead of spreading them. Did our president ignore Shirley Temple Black's passing but honored Whitney Houston's with flags at half-mast? Is there really a half-toilet in Sochi? Did you see the waves that freeze mid-way in Lake Huron? Did you hear about the technician responsible for the lighting failure during the opening ceremonies at Sochi found dead the next day? Splenda causes cancer and onions around the house will fight off the flu? These are all falsities spread by email. Do everyone a favor and check www.snopes.com before pressing the forward button in your email program.
The best approach to suspicious emails is to go directly to the source. If a strange email came from a friend or relative, contact them and see if they sent it. If not, they should thank you for the tip - and then change their password as their email account is probably compromised. If that strange email came from a company that you use: Instead of clicking on any links within the email, go directly to their website instead and login - or, call them.
You can also report suspicious emails to the government. They are most concerned with phishing scams, which can be shared at http://www.us-cert.gov/report-phishing. You can also find tips from CERT (Computer Emergency Readiness Team) at http://www.us-cert.gov/ncas/tips/.
In the end, my students know that email can be a safe and reliable way to communicate. But they also know that the Internet is much like the Wild West, and you don't open your front door for just anyone that knocks.