We hope that you will join us at The White House. Kindly respond to this email by November 5th and provide the following information on the attached spreadsheet. Details Requested: Your full name, gender, date of birth, Social Security number, city and state of residence, country of birth, and country of citizenship for you.
How would you react to reading that in an email?
If your brain didn’t immediately scream, “SCAM,” you should really get your Internet survival skills tested by a professional.
Giving up that amount of information would make any identity thief squeal with unadulterated joy. Unfortunately, this type of scam – commonly referred to as “phishing” – runs rampant in today’s digital world.
When this email landed in my inbox I immediately reported it as phishing in Gmail. You can do this by clicking the down arrow next to the reply button and simply clicking “phishing” on the menu.
I then tweeted a warning to other bloggers (the intended target of this email) telling them to be aware of a phishing scam.
*Warning Bloggers* If you get an email from the @WhiteHouse inviting you for a summit, it’s clearly a phishing scam. Don’t submit info!
— Broke Millennial (@BrokeMillennial) October 23, 2014
But a response I received made me pause.
“It’s real, so don’t miss the opportunity! I’ve confirmed. Reply to the initial email for more info.”
Suddenly, I started wondering if perhaps this wasn’t actually a scam to steal my identity. A few days later I received another email from a second group offering to provide me with accommodations during the conference.
After emailing back-and-forth with the second group, I started to realize this appeared to be a legitimate opportunity and my knee-jerk reaction nearly cost me the chance to attend an interesting summit. I’m still skeptical and doing more research, but the opportunity is beginning to check out as credible.
All this begs the question: how can you tell if an email is a phishing scam or legitimate?
Types of Scams
Phishing scams – crooks trying to get you on the hook – are usually created to get your financial or personal information.
There’s a fraudulent charge on your account scam
Fraudsters may send out emails that look like they’re from your bank or credit card provider. These emails may claim there is a case of fraud or issue with your account. It usually directs you to click a link or respond with personal information. Before you click any links in these emails, go look at your account and see if the alleged charge is actually on your statement or call your bank directly.
Who wants to be a millionaire scam
Other scammers may lure you in with the promise of money. Perhaps you just won big in the lottery (without entering) or a long-lost relative is reaching out to give you some inheritance or the classic Nigerian princess needs your help. If they want your bank account information to give you money, then you know they really mean to drain your account!
Tax time scams
Thieves have preyed upon the public’s general confusion about taxes and created elaborate IRS scams. Some have been in the form of telephone calls accusing the taxpayer of withholding money and demanding repayment or face jail time. Individuals have lost tens-of-thousands of dollars to this scam. Other IRS scams have come email claiming the recipient’s tax return is under review by the IRS and X,Y or Z advocate service can help. Or they may be claiming to be the IRS and request more information.
The IRS states on its website: “The IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.”
If you’re the recipient of an email you believe to be an IRS phishing scam, then report to the agency by emailing [email protected]
What to do if you believe an email is a phishing scam
- Avoid attachments – Get an email with an attachment from an unverified source or something you weren’t expecting? Be wary. Opening an attachment could lead to a virus. Scammers could even have gained access to an acquaintance’s email account if a virus compromised his or her computer.
- Don’t click – Fraudsters can use links to route you to a fake site, often made to mirror the site you think you’re clicking through to. This is when a thief will ask questions to steal information including credit card details, bank account information or a social security number. You can hover your mouse over a link to see if it’s legitimate. For instance, the fake URL may take PenFed customer to PensFed.org instead of PenFed.org. In Gmail, the URL pops up in the lower lefthand corner of the screen, not right above the hyperlinked text.
- Mind the wording – Are you greeted by name in the email or simply called “Cardholder” or “Valued Customer”? This may be a sign of a scam. Historically, phishing scams often had typos and grammatical errors, but as the scammers became more industrious, so have their emails. It still doesn’t hurt to keep an eye out for typos.
- Can you send an email back? – Engaging with scammers isn’t a great idea, but if you think it may be credible, like in my case with the summit, see if you can respond to the sender. If you engage in a dialogue, there is a higher likelihood you can suss out whether or not it’s a scam.
- Don’t give them information – Trust your gut. If something seems off then it probably is and you certainly don’t want a thief getting his hands on your information. Make contact with your financial institutions yourself and protect your social security number.
- Report it – Report the scam to your financial institution or company being spoofed in the email. You can also report it on email, which should block that email address from ever being able to email you again.
Remember: trust your gut. If something smells fishy – it probably is!
Have you ever been the victim of a phishing scam?
Want regular updates about some of the best financial products out there? Then sign up for our Price Checker Newsletter. Twice a month, we’ll deliver our list of the best-of-the-best right to your inbox.