Mom, Dad, It’s Time to Talk About Phishing
Has your mom been talking about an outrageous volume of weight-loss subscription emails in her inbox? Did your dad fall victim to a phone scam by a “Microsoft employee” trying to help “prevent a data breach” on the family PC?
If you answered “yes” to these questions, then it’s time to have “The Talk” with Mom and Dad. A tough talk about phishing, that is.
At least when you have this conversation about deceptively important-looking emails, websites and other communications designed to steal personal information, you won’t be empty handed.
Here are a few tips to help your parents spot a scam before it’s too late.
- Watch out for urgency. According to FBI.gov, scammers often pressure victims to respond quickly, before they have time to think. Urgent requests for information could come in the form of an email, Facebook message or even a phone call. Any threat that your bank, email, credit card, or other accounts could be closed if you don’t respond is likely a scam.Just last year, hackers called consumers posing as Microsoft technical support, saying that someone was trying to access their computer and that they needed to log on immediately, allowing the caller remote access. The Federal Trade Commission (FTC) urges consumers never to allow a caller remote access or give credit card details over the phone.
- Take a close look at that email. Phishing emails often mimic a trusted source like a bank, credit card, favorite retailer, or even your email provider. In March, an email that seemed to come from Google circulated to Gmail users with the subject line “Documents.” Those who clicked on the link inside the email were directed to a web page that looked almost identical to the Gmail log-in page, stealing usernames and passwords of anyone who logged in. Always scrutinize the sender’s email address. These emails also could be loaded with cryptic web links. CNET.com suggests hovering your cursor over the link to identify the actual link destination.
- Never give out personal information. This should be a rule for email, text messaging, phone calls, and social media platforms, even if you’re connecting with a person you know or a trusted institution. According to OnGuardOnline.gov, banks and other financial institutions will never ask for sensitive information via email.
- Watch out for bad grammar. According to Microsoft, spelling and bad grammar is a telltale sign of phishy communication. Large companies and organizations should never allow a mass email to go out with a number of errors.
If your parents think they’ve been targeted by a scammer, there are a few things they can do. The FTC recommends forwarding any suspicious emails to firstname.lastname@example.org and to the company, bank or organization that the communication appeared to come from. If your folks spot a suspicious Facebook post appearing to come from their account, they should delete it immediately and change their passwords. They can also mark suspicious messages from friends as “spam.”
Once Mom and Dad have secured their information online, they can get back to what they do best in social media, like scanning and posting your most embarrassing high school photos.
Recommended by the Editors:
- Tools & Resources: What is Phishing?
- The Password Conundrum: Choosing and Remembering Strong Passwords
- 5 Things to Know about Using Mobile Banking Apps Safely