It happened again ... a customer came scrambling into our store, just the other day, with a tale that we'd heard before:
An email had come in from "Windows", saying that they'd detected a big problem with her computer. She was to telephone the number in the message. Worried, she called the number, and was assured that they could fix the problem if she paid them a fee of $300.00. She gave them her credit card number, right then and there, relieved that this serious issue could be resolved.
She was lucky. She suddenly realized that this may be a scam, and came right in to see us about it. In the end, she was able to prevent the charge to her credit card, but she now had the trouble of having to cancel that card, have a new account set up to replace it, and will spend a fair bit of time contacting trusted vendors, like PayPal, to change all of her card information.
Some customers haven't been so lucky, and have paid big bucks for it.
So how can we help protect ourselves from becoming victims?
BE ON GUARD. The bad guys are counting on you being caught while distracted, or busy, or not thinking clearly for any number of reasons. Most victims, if they had been paying closer attention, wouldn't have fallen for the ploy in the first place. When dealing with e-mail that is from someone you don't specifically know already, pay attention to what it actually says, and don't fall into the trap of clicking the link in the message, without thinking hard about that first. If you're in the middle of a big project, or talking on the phone, or otherwise preoccupied with something else ... then don't do anything with your email from strangers.
DON'T CLICK ANY LINKS. Never click a link inside of an email unless you are definitely, and in advance of receipt, expecting an email from someone or a company you have been dealing with. For example, some companies, while opening a new account on-line, will send you an email with a link that you need to use in order to immediately confirm who you say you are. That's just fine, if you've just been opening a new account, and the website tells you to expect an email from them. But ... if the message turns up out of the blue ... it's a scam.
KNOW YOUR TRUSTED COMPANIES' POLICIES. Our bank, utilities, and any number of other companies contact us, by e-mail, on a regular basis. But absolutely NONE of them EVER ask us to do something, in an e-mail, that doesn't involve closing that message, and going to their web-site to securely log on into their system outside of our e-mail program. Absolutely NONE of our trusted companies will put a link into their web site that will lead us to providing sensitive information.
DON'T TRUST THE LOGO. The bad guys will send you messages that look exactly like the messages you get from your legitimate trusted companies. So ... always be on guard. Read the message, and if there's any request in it, that involves you providing sensitive information, close it, and delete it. If you're concerned that the message was real, then go into your web browser, separately, and log into the legitimate company's secure system.
DON'T PHONE THE NUMBER PROVIDED. This is in the same category as "don't click the link". If you receive a message asking you to call a number, close it and delete it. If you're concerned that it might actually be from a trusted company, then find their number from a trusted source, and call it. A utility bill, statement, or even Canada 411 on the web, will give you the legitimate phone numbers of your trusted companies, and only these are the phone numbers you should use.
This list is, by no means, "complete" ... just when you think you've figured out all of the ways that the bad guys can scam you, they come up with something new. So keep watching, be suspicious of everything, and develop your own "Rules of Thumb" that make sense to you, and that you stick to by default.