Strangely enough, although the bulk of my Friday columns deal with financial services/financial planning and the like, I do get emails that are slightly off that course. Recently, I received four of them having to do with fraudulent email. I'm not quite sure what this has to do with financial service/financial planning "and the like," but it obviously is on the minds of four people, and perhaps many more.
So, I turned to my friends at PayPal who have come up with 10 ways to recognize fake or what's sometimes called spoof emails. What is a fraudulent email?
A fraudulent or spoof email pretends to be from a well-known company, and is an attempt to get personal information from you. People who send such emails hope to use your personal information, such as credit and debit card numbers or account passwords, to commit identity theft.
But you can prevent spoof from affecting you. Here's what to watch out for:
Generic Greetings. Many spoof emails begin with a general greeting, such as: "Dear XYZ member." If you do not see your first and last name, be suspicious, and don't click on any links or button.
A Fake Sender's Address. A spoof mail may include a forged email and address in the "From" field.
A False Sense of Urgency. Most spoof emails try to deceive you with the threat that your account is in jeopardy if you don't update it as quickly as possible. They may also claim that an unauthorized transaction has recently occurred on your account.
Fake Links. The text in a link may attempt to look valid, and then send you to a spoof address. Always check where a link is going before you click. Look at the URL in your browser or email status bar. If the link looks suspicious, don't click on it.
Fake Web Sites. Some emails will look like a Web site to get you to enter personal information.
Deceptive URLs. If you see an @ sign in the middle of a URL, there's a good chance this is a spoof. Legitimate companies use a domain name. For example,
Misspellings/Bad Grammar. Spoof mails often contain misspellings, incorrect grammar, missing words, and gaps in logic.
Unsafe Sites. The term "https" should always precede any Web site address where you enter personal information. The "s" stands for secure. If you don't see "https," you're probably not in a secure web session.
Pop-up Boxes. Generally not secure.
Attachments. Like fake links, attachments are frequently used in spoof emails and are dangerous. Never click on an attachment. It could cause you to download spyware or a virus.
These 10 items, courtesy of PayPal are worth noting. They are simple to understand and follow, and will go a long way in reducing fraudulent emails.
