It’s getting harder and harder to determine if something is a scam, particularly on the internet or over the phone, and your best bet is to just assume it is.
In his book “ Excellent Advice for Living “, author Kevin Kelly puts it this way:
Assume anyone asking for your account information for any reason is guilty of scamming you unless proven innocent. The way to prove innocence is to call them back, or log in to your account using numbers or a website that you provide not them. Don’t release any identifying information while they are contacting you via phone, message, or email. You must control the channel.
I had this recently when my bank called to have me verify some information on my account. I’m pretty sure it was really them, but I had no way to know for sure. They were asking me to prove who I was, while I was asking them to prove who they were. It was almost humorous, but they couldn’t convince me that they were really my bank so I hung up. I later called the bank directly and it turns out it really was them, but it very easily could have been a scam.
With technology today you can’t trust:
- The number that someone is calling from.
- The voice on the other end (thanks to AI simulated voices).
- The email address that an email appears to come from.
- Even some personal information that helps “prove” that they’re legit, as much of that is leaked around the web.
For example, a common email scam the past few years is when a scammer reaches out to say they recorded you watching pornography through your web cam, and they provide you with a real password of yours as means of proof. Forbes details this scam quite well, but in this case they simply took a pile of leaked passwords and emailed everyone and showed them the leaked passwords. Most likely never watched pornography anyhow and trashed the email, but those that had viewed that kind of material had an email that looked awfully convincing and many paid out to “protect” themselves.
How to stay safe
As Kevin says in the quote above, the way to stay safe is to control the channel. If “your bank” calls, hang up and call them yourself. If you get an email about needing to update your password on a particular site, trash the email and go manually type in the website yourself. If you control how you’re accessing these companies (versus responding when “they” reach out to you), you’ll eliminate the vast majority of scam attempts.
Originally published at https://www.mickmel.com on May 22, 2023.