- The Safety Net
- Posts
- Call Me Scams
Welcome to The Safety Net, a newsletter that profiles scams and helps you protect your family from them. If you like this issue, please share it with anyone who might like it. Thanks!
Photo by Paul Hanaoka on Unsplash
Common Scam: Call Me
As scam prevention tools improve, scammers have found creative ways to bypass them. For example, scammers know that text message spam is filtered by your mobile carrier. They also know that emails with links are often flagged as spam. So, how do they get around both text and email spam filters?
Here’s a real scam that shows you how:
Rather than trying to get you to click on a link, the scammer attempts to trick you into sharing your information directly with them over email (or text.) In this case, the scammer pretends to be someone you know, then creates a false sense of urgency to get you to act quickly. This kind of mail is more likely to bypass spam filters and appear legitimate in your inbox.
If you do send them your number, they already have three pieces of your personal information: your name, email, and phone number. That alone might be enough for them to hijack your accounts. In a SIM swap attack, the scammers pretend to be you and convince your mobile phone company that they lost their phone and need a new one. As soon as they get the new phone with your phone number, they can more easily pretend to be you and intercept security codes for logging into your accounts.
Even if they aren’t going to use a SIM swap attack, they might text you on your number to continue the scam. Sometimes they ask you to buy them gift cards, or send them money directly. By hopping from email to text, they know that existing systems are less likely to pick up on the scam and protect you.
So, how can you and your family protect yourselves?
Call to verify. Most people who need to reach you should already have your phone number. If they don’t, you can ask for their phone number and call them instead of them texting you. It’s easy to pretend to be someone on text, but much harder on a call.
Check email addresses. Scammers can fake a name but not an email address. In the above example, the email address claims to be “Jane Doe” but the address is “[email protected],” which is clearly a fake.
Think about it. Is it really likely that this person would email you in the middle of a meeting and ask for your phone number? If they had to reach you, wouldn’t someone else in that meeting have your number? Your brain is your best security tool, and since scams are built on thin facades you can see through them if you think about it.
These scams can be hard to identify since our phone numbers do change, and it makes sense that there might be an emergency for someone who doesn’t have our new number. However, the more you think about it the less likely it really seems. Like with most scams, if you slow down and think about them (resisting the urgency) you can protect yourself by not responding at all.
Quick Tip of the Week: Freeze your credit.
Whenever you open a new bank account, credit card, or loan, your credit is checked against one of the major credit agencies. These agencies keep a record of you and all of your financial interactions to decide if you are a credit risk. Those same agencies allow you to freeze your credit record, which prevents anyone from checking your credit or creating new accounts. It is inconvenient, as you need to unfreeze everytime you want to take out a car loan or new credit card, but it ensures that a scammer who accesses your personal data cannot open up accounts with your identity. Unfortunately, you need to freeze your credit with each agency individually. Here are the links to get started:
Have you come across a scam recently? Received some weird messages that you think might be a scam? Forward them to [email protected] and we’re happy to help! We’ll take a look and let you know what we think, and if it is a scam we’ll profile it in future issues of The Safety Net to protect others.