No, this may not be the cheeriest of Holiday messages, but in the spirit of giving, I thought I might give some advice you can use not just during the Holiday Season (when scams tend to increase), but all year long. It has to do with security – keeping your computer, personal data (bank info, etc.), even your very identity safe from those who wish to do you harm. 

Actually, this is an updated version of a Stet article I wrote in 2020. I thought much of the info was worth repeating (along with adding a few more really good tips) because recently I was approached by a member who was almost taken in by a scam, and wondered what to do. In this case, it involved the infamous “Apraxia scam.” Google that term to find out all about it. That same scam was tried on IWOC members last year from a different sender. Both times the email’s content was exactly the same, right down to the “Warm regards” signature. Both times the emails contained some of the telltale signs I mention later in this article.

Harking back to another case in 2020, a member confessed he was contacted for a fabulous writing assignment from Biogen -- a legitimate biotech company. After filling out numerous forms and providing some rather private information, a giant red flag sprung up when he was asked to deposit money in a bank account. He then ceased communication and luckily suffered no harm – other than wasted time and remorse for having been so trusting. 

How did this all happen? Is it just to IWOC members? Hardly. It could have been that their emails were “scraped” – a process where spammers obtain email lists from other spammers. If you’ve ever provided your email address online, you’re vulnerable.

So here are 7 of my security tips (plus a bonus tip), some from personal experience, some from what I’ve heard. While they aren’t guaranteed to keep you scam-proof, hopefully they could help prevent such occurrences. 

1. Approached for a prospective job? The person contacting you will most often have their company, their position in the company, street address, email, phone and website in their signature. Check out the company website. First, to see if the company exists. Secondly, to see if the person contacting you is on their roster. If you come up empty on the company or person, search for the person on LinkedIn and/or Facebook. Any info you’re able to gather will help you determine the legitimacy of the job offer.

2. If your gut is hinting “Scam!”, Google the company name or subject matter, followed by the word “scam.” Such as “Biogen Scam.” Or “Apraxia Scam.” In both those cases, the scam came right up. 

3. Sender’s email is weird. Whether it’s seemingly from a prospective client, your bank, credit card company or any company you may have dealt with, if the sender is telling you to click on a link, DON’T! DON’T CLICK ON ANY LINKS. Look at the sender’s email address. It’s not Kosher if the address is totally different from the company it claims it’s from. For instance...

I received an email supposedly from my email provider, with their logo in the message area. Looked good! But uh-oh. They told me that my account “is about to be disconnected, so CLICK HERE TO REACTIVATE!!!” Considering their email address had nothing to do with my provider’s name, plus knowing there was no reason to deactivate my account, I immediately marked it as spam and trashed it. 

4. But even if the sender’s email address does have the “correct” name, it often can include some nonsensical figures, such as in the Biogen email address, which was followed with a grouping of odd letters after the word “Biogen.” A dead giveaway. That being the case, trash it immediately or relegate it to “Spam” or “Junk.” You can also block suspicious emails. 

5. What if the email does look totally legit? Closely examine the message area. It might look like a genuine logo or banner. But there most ALWAYS is a tell. Misspellings. Grammatical errors. Poor wording. Two cases in point: 

a) The Apraxia scam contained this oddity: It was signed, “Warm regards,” and instead of a name, “signed” it with a telephone number. No company name. No website. Nothing. Bizarre. 

b) Normally I get alerts from USPS when a package is being delivered. The other day I got a so-called alert from tracking@usps.net. That email address sure looked like it was from USPS. But the legitimate alerts are always from “auto-reply@usps.com” (Note: not “.net”) Also, within the message, “USPS” (all uppercase) was spelled as “Usps.” Again, dead giveaway. Plus, the info in the message was unlike the usual messaging. Into “Junk” it went. 

6)  Do not engage. Be it work-related or not, if after taking any of the above into consideration and something smells fishy, do not engage the sender. Don’t ask questions. Don’t ask them to clarify anything. Once you show interest, they’ll feel they have a “live one.” And you may find yourself going down a pretty dark rabbit hole.

7) When providing your email address online, consider replacing the @ with “at”.  So it looks like:  “Alice at gmail.com”  I’ve even seen: “Alice at gmail dot com”  Looks illiterate, but supposedly these obfuscations have some degree of success in foiling the scrapers. One drawback is that it may be annoying to business prospects. So this method is up to you. I highly advise to click here to get more opinions on it.

8) Here's a good link with more tips specifically related to bogus job offers.

Bonus tip:  Buying or donating online? Before you enter your credit card data, make sure you see the little “lock” image next to the URL. That will tell you if the site is secure. Or not.

These are just a few of the warning signs that when not heeded, can open you up to computer viruses and worse.  Be vigilant. The best rule of thumb is: Don’t click on anything or respond to anything that looks the slightest bit suspicious. Check it out by doing the Google thing. Or simply call the company that supposedly sent you the email. If it’s legit – or not – it’s safe to say, they’ll tell you so. 

May your Christmas be Merry, your Chanukah Happy, and may you stay safe and healthy throughout!

-- Laura Stigler