By Small Biz Guy
Bad email happens to good people. While you and I work hard to make a living running our small business, there are thugs, losers, and liars working even harder to find ways to pick your pocket electronically. Just when you think it is safe to check your email, respond to a “message from your bank,” take advantage of cheap “Canadian medicines,” or open up an attachment sent from one of your “trusted friends,” thieves thousands of miles away are just salivating at the riches that lay ahead for them when you hit the “enter” button on your keyboard.
One wrong move and you place at risk all of valuable contact and credit information about you and your customers that is stored in your computer’s hard drive. Another wrong move – which you may think is a right move – and your computer can be taken over by the “bad guys” and spyware-laden messages from “you” are quickly sent to everyone in your email address book. Or, another wrong move, and some low-life geek in a far away place gets the pleasure of just having planted a virus in your system that will destroy your hard drive and all of your stored data at a specific date and time.
What does this mean to you? Unfortunately, the list is long and not pretty. Your identity can be stolen. Your credit card information can be used to make purchases or secure other lines of credit about which you know nothing. Information about your customers and their preferences can be lost, or worse, used for ill purposes. You can lose lots of money in down time as you work to debug and rebuild your databases. Even worse, you may be liable for damages sustained by your customers when the bad guys get access to customer information that you legally are required to protect at all costs.
There are lots of ways that electronic losers try to penetrate your computer and later in this series of articles, we’ll cover such dangers as downloading “free software,” drive-by data hijacking, visiting fake Internet sites you thought were trusted, not using firewalls, not scheduling virus checks or doing periodic scrubbing.
Your email inbox is one of the primary ways that Internet losers make life miserable for honest working folks. Let’s spend the rest of our time learning how to spot traps and better protect ourselves from email scams. First, here is a bit of reality for all of us:
#1: No one is waiting to GIVE you $$$ millions.
No daughter, son, widow, dying cancer victim, parentless child, distant relative, auditor, bank examiner, or exiled general located thousands of miles away has found a way to reach You to ask You to help them get millions of dollars out of the country, and then offer to give you millions as a way of saying “thanks.” It has never happened in the history of humankind and it absolutely, positively is a scam.
#2: You have NOT won an International Lottery.
There is no lottery anywhere on Planet Earth that uses lists of email addresses, random names, or any other method to generate a grand prize winner – that happens to be you – and then communicates with you via unsecured email correspondence simply to request some basic information from you so that they know where to send a check for millions of dollars. Such a lottery does not exist.
#3: You have NOT won a $500 or $5000 shopping card from Sears, Costco, Home Depot, etc.
Legitimate retailers simply do not, I repeat “do not” decide to wake up one morning and spend millions of dollars mailing gift shopping cards to random email addresses…one of which happens to be yours. Sorry.
#4: Your financial institution is NOT doing routine maintenance or has suspended your account.
No legitimate bank or financial institution (or PayPal, eBay, your ISP, etc.) will ever send out blanket emails advising “dear clients” about a maintenance issue, audit, or irregularity that requires you to submit your password or account information online in order to protect your account from suspension. Even if it looks real, and the site has all the right colors and logos, it is a dangerous scam called phishing.
#5: There is NO magic pill, cream or product that will help enlarge any part of your body.
If you send your credit card information to purchase, online, any pill, cream, device, or product claiming to enlarge any part of your body, the only thing that is going to get big is the bank account of the bad guys. They will now have your credit card info and they will “shrink” your assets in no time flat.
If you get any of these emails, you need to identify and report them as scam (if your Internet service provider offers this feature), delete them, and then empty your delete folder. DO NOT just leave them in your inbox or leave them in your “deleted/trash” folder. Make sure to “empty” your trash and get that stupid stuff as far away from your important files as possible.
How do you know when an email probably is a scam? Are there some telltale signs that scam emails have in common? The answer is, YES.
#1: Look out for “throw away” email addresses.
Electronic thieves and Internet bad guys are most likely to use email addresses that are free. Legitimate email users often will have addresses featuring known ISP providers or WWW addresses. Free, or “throw away” addresses are those that have “yahoo.com,” “hotmail.com,” etc., as part of their basic address. Be very suspect about trusting any message from a source using free or anonymous email to reach you.
#2: Look out for “foreign” email or website addresses.
Not all, but quite a bit of bad email (scam, spam, phishing, and other rotten stuff) comes from foreign-based operations. Be on the lookout for someone pretending to be a local or US-based person or company but using an email or website address that has foreign country codes at the end of their address. Such suspect addresses could end in “com.ru,” “.hk,” “.br,” (i.e., Russia, Hong Kong, Belarus), or any two letters that stand for a country name. There is almost no international law or recourse when dealing with illegitimate foreign sales, so a good rule of thumb is to stay clear of these types of dealings.
#3: Look out for deliberately misspelled words in the subject line of the email to you.
Legitimate drug makers or marketers don’t use emails to advertise Viagra or medications or pharmaceuticals, etc., and scam-blocking software almost automatically assumes that emails with these words in them are scam. So, the bad guys try to play cute by informing you about “V!agr@” or “Medz” or business “l/i/n/e/s of c/r/e/d/i/t” or whatever, in the subject line or body of the email to you. A good rule of thumb: If a word is misspelled in the message title, the message most likely is from a thief trying to trick scam-blocking software in order to rob you blind.
#4: Look out for misspellings and poor or non-English grammar in the body of an email to you.
Most legitimate businesses will spend big money on marketing and advertising efforts to reach you. Rest assured that many professional eyes will examine every word and punctuation mark of a message before it is sent to you. Ditto for those alleged highly educated “barristers, generals, auditors, attorneys, etc.” who are writing to you. If the body of the email message to you is filled with misspelled words, incorrect punctuation, foreign spelling of common US words (e.g., theatre for theater, centre for center, etc.), and poor spacing, then the odds are that this is a scam message and delete it immediately.
#5: Look out for non-personalized emails claiming to be reaching you specifically.
A legitimate business, person, official, or financial institution with whom you do business, will most certainly refer to you by your formal name and (in the case of a financial institution or business) will include the first or last numbers/characters of your official account number with them. If a “personal” email message to you refers to you only as “Dear Beloved” or “Dear Client” or “Dear Account Holder” or “Dear Business Owner” or by any other non-personal reference, it is a safe bet that this is a scam email.
Another good rule of thumb: It is better to assume that a suspect email is bad scam and delete it, even if this means that once in a great while a legitimate email will get tossed. After all, you simply are trying to protect yourself and your business data assets in this day and age of increasingly sophisticated Internet thievery.
Bad email happens to good people all of the time. Be realistic and be on the look out and you will stand a better chance of keeping some of those assets you’ve worked hard to earn.
