How to avoid common email scams
A few simple rules would help you safeguard yourself from scams:
Rule 1: Suspect all spam about your finances: credit cards, bank accounts, etc.
Don’t ever confirm financial information of any kind without first contacting your financial institution and determining that the request is genuine.
Most popular financial companies have corporate anti-fraud policies. A few of them can be found at http://www.antiphishing.org/resources.html#Policies
If the mail instructs you to update some information, the safest means to do so by visiting the site manually, rather than clicking on the link given in the mail. For example, if you receive a mail asking to update your NetZero account details, simply open a new Web browser, type in www.netzero.net and perform the requested activity.
Rule 2: Suspect all spam asking about your computer accounts, email accounts, or other computer passwords.
Don’t ever reveal passwords or other account information without first contacting your computer support provider.
Rule 3: Suspect all unsolicited attachments.
Many email attachments being delivered on the Internet today are dangerous and could be virus-infected. Opening an unsafe attachment can allow programs or individuals to take over your computer and use it to carry out illegal activities. Before opening any attachments, please make sure the email is from a trusted source. If you are unsure, contact the sender before opening the attachment.
Don’t ever open an attachment until you are sure of what it contains, either because you have been told to expect it by the person who sent it, or you have contacted the sender to verify that they sent the attachment. Always run a virus scan on such attachments if you wish to open them.
Rule 4: Suspect mail that has a highly urgent message about your account.
If you get an email that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the email. Instead, contact the company cited in the email using a telephone number or Web site address you know to be genuine.
Genuine companies will always give you enough time to react.
Rule 5: Do not trust the ‘From’ address or URLs listed in the body of the email.
From Address: Most of these email scams work by falsifying the sender’s address. The email may appear to come from your bank, or from someone you know, but could be a scam. If you receive a message dealing with sensitive financial or account information, or containing an attachment, do not blindly trust the headers but act with caution.
URLs/Web links in the message: Scams that attempt to collect personal information often ask you to click on links that appear to take you to pages with web addresses that look genuine. Don’t ever give out personal information just because the web address looks legitimate – there are ways to disguise the real address of a website. It may appear as if you are clicking onto www.netzero.net, but in fact you could be being redirected.
Rule 6: Be wary.
There’s nothing about email or the web that makes it any more or less prone to fraud than any other medium. Just as you would think critically about what you read or see on TV, you should apply the same scrutiny to what lands in your inbox. If it seems suspect, or too good to be true, it probably is.
Rule 7: Report the scams you see.
You can help us protect you better by reporting the scams you come across. Please forward the mail with its full headers to firstname.lastname@example.org.
To learn how to forward an email with full headers, please click here.
More resources on email-scams
Anti Phishing Working Group (APWG)
Federal Trade Commission – ID Theft