The most common way that a criminal, phisher, or other type of fraudster gets information from you is through official-looking emails.
One doesn’t have to be a technology expert, but rather have good attention to detail and paying attention to what kinds of communications you receive.
- If any legitimate company asks you for account information via official communications, it’s fake and at attempt at phishing.
- When you’re reading emails, check the email address. If the portion after the ‘@’ doesn’t match the company’s official domain (I.E. linkedin.com), don’t do anything with it. Similarly, look to see who the email is coming from and what they seek.
- Even if grammar and spelling isn’t your forte, read the email carefully. Typos are the fastest indication of fake emails. Official company-generated emails are put through multiple channels of quality checks before they are implemented as official communiations. If you ever question whether an email you receive is legitimate, contact the company directly. My first article on LinkedIn was about this topic.
- When a call whose number is not in your caller ID comes in, ask who the caller is looking for if the caller doesn’t first. Listen to the voice on the other side and the words they use. Unless you can verify that you are talking to someone who would be authorized to receive what they ask for, don’t give them any information. Depending on the insistence of the caller, feel free to call the business to report an imposter.
- Speaking of caller ID, when a number comes up, be sure that it’s reasonable for that person to be calling you. People like to impersonate well-known people and will use someone’s emotional state to manipulate them into giving out all sorts of personal information. If you’re in question as to who called you or how they might have received your number, hang up the phone and check the phone number. If you want answers, call the number back and see if you get an kind of response.
- When someone calls you from an official business line, ensure that they answer with their name and their business. Also, listen to the background noise on their side. Just about every call center in the nation has people that use headsets that will filter out most background noise. If anything seems suspicious about the call environment, hang up the phone and try again.
- Most business professionals as part of their email communications will have a professional signature if it comes from their company-assigned email. Again, check their spelling and grammar. While nobody is expected to be an English major, the basics of sentence and paragraph structure should be present. One thing I do if it’s someone I’ve never heard of or from, is I will follow their social media links and compare some details. A motto I live by: “Trust, but verify.”
- If you get a text message from a company, make sure you’ve opted into their communications. Otherwise, check the formatting of the message and the words they use. When in doubt, delete the message. If the name comes from a company that exists, but you don’t do business with, consider contacting the company directly about the communication.
- Under no circumstance should any government agency need to contact you unless there is a solid reason, or you have initiated contact with them in some form. The majority of official communications will be in writing on agency letterhead with their logo and contact information. Along with the other bullet points above, if you suspect trouble afoot, contact the agency. In the case of government agencies, keep those communications regardless of written medium.
Just remember that when you are going through the arduous task of proving your identity as part of an official communication, there are criminal masterminds who have become experts at impersonating companies whose security is lacking. I’d rather have you verify my identity and then work with me, than just assume that I am who I say I am.