A new circulating scam is a remix of an old con. In this scheme, the scammers e-mail you pretending to be from your e-mail service provider (Google, Yahoo, etc.). They’ll tell you you’ve exceeded your e-mail quota or that you have “deferred e-mail.” The e-mail will instruct you to follow a link to retrieve your unchecked e-mail. Other variations of the scheme will tell you that you need to “update your personal information” to continue using your e-mail service, which will require you to click a link to log in.
The link is to a malware download site, which will infect your device once you click the link. The breed of malware will vary from attempt to attempt. Some may only bog down your computer with pop-up ads and other irritations. Others will root through your browsing history and personal files, looking for account numbers, personal information, and passwords. You won’t know you’re infected until you get an unexpected credit card collection call.
Some scammers have gotten more sophisticated with the initial pitch and will include “unsubscribe” or “change notification settings” in the footer of the e-mail. People looking to reduce the number of unsolicited emails they receive might click this link. They would be disappointed to learn that this link will also direct them to malware download sites.
If you’re looking to keep yourself safe from this new threat, here are three steps you can take.
1.) Know your Terms of Service
You don’t have an e-mail quota. While there are upper limits on the amount of e-mail your service provider will store for you, unless you’re sending DVDs worth of information regularly, you will never approach that limit. Gmail, for instance, will store around 65 gigabytes of e-mail data for you. If you received 23 professional-quality photos every day, it would take you a year to exceed your storage limit, assuming you never deleted any of them.
E-mail service providers also set some limits on the number of e-mails you can send, but if you’re clicking the send button each time, you’ll never exceed that frequency. Again, you don’t have an e-mail quota. These limits are designed to prevent malicious or fraudulent activities, which is why they target automatic message sending. If you’re running a business out of your home, you might worry about tripping this limit. For your personal e-mail, though, this will never be a concern.
If you’re expecting an e-mail regarding a job interview, family news, or another significant life event, be proactive. Contact the person you’re expecting to hear from and ask for an update. Sitting and waiting creates anxiety, which makes an environment ripe for scams.
2.) Don’t follow mystery links
If you receive an e-mail from someone you don’t know, and it contains a hyperlink, don’t click it. Even visiting malicious websites can infect your computer, causing untold damage. Even if the message comes from someone you know, if there’s no context for the link, don’t click it.
You can take steps to figure out if the message you’ve received is legitimate. Look at the “from” line. The message may appear to be from Google, but if the second part of the e-mail address (the part after the @ symbol) doesn’t match what you think it should be, it’s probably bogus. If there’s even a shred of doubt in your mind, don’t click.
Part of practicing good Internet hygiene is keeping your computer away from dangerous websites. Even if you think there’s nothing on your computer worth stealing, scammers could use your computer to cause serious damage to your friends and family. Stay safe, and keep your friends safe, too.
3.) Report suspicious activity
E-mail service providers take these scams as seriously as you do. Someone is trafficking in their good name to exploit their customers. They are eager to put a stop to it to keep their brand image safe and their customers happy.
If you have any doubt about the legitimacy of a message, forward it to your provider’s abuse address. Gmail has an option to “Report phishing” in the drop-down menu next to the reply button. Yahoo and Hotmail offer similar functionality. For larger corporations, try forwarding the message to “abuse” or “admin” @ the company’s website.
These companies would rather sort through a thousand false positives than let people continue to defraud their customers. They value you because they’re providing you a service. Don’t hesitate to let them know something’s amiss.
If you like what you read, then join our e-mail list!