Scammers are everywhere.
15/11/21 Filed in: scams
Scams are getting more and more elaborate. Every day it seems I'm being contacted by someone that has had their personal info compromised. These bad guys are getting very good at working around your security. The good news is that so far, two factor authentication seems to be holding them at bay. Two factor authentication requires that a code be sent to another registered device or email account that would be required to to authenticate yourself. The issue here becomes, if they have access to that email account already, you're behind the eight ball. Make absolutely sure you have two factor authentication turned on to prevent future invasions like this. Never join open wifi networks that do not require a password. If you have other accounts that contained the exact same password as your compromised password like ATT, Facebook, your power bill, Amazon, etc… change those immediately as well.
Stop using the same password for multiple accounts. Start thinking about your passwords being phrases instead of words. For example: don't use "Tarheels72". Do use: "Igraduatedfromuncin72withA+"
If they are able to get one of your accounts username and password combination, they will try that combination with multiple accounts. Eventually they'll get into one then change all your security questions and recovery email addresses which will then lock you out of your own accounts. Two factor authentication helps prevent this.
I recently worked with a company who uses standard emails like info@companyxyz.com or warehouse@companyxyz.com and the bad guys were able to break into those. From there, they extracted their contact lists and began emailing all their clients saying they were due a refund. The link they provided went to a fake website designed to look like a login for Shopify. This particular bad guy was able to continue buying new domain names to direct traffic to in order to stay ahead of the other domain registrars that were shutting him/her down.
These fake emails are designed to sound serious in order to get your attention. For example:
"There was a problem processing your ATT payment."
"You overpaid on your last invoice and are due a credit"
"Thank you for your payment to Apple, click here for your free AirPods"
I see very intelligent clients panic, interact with these fishing schemes and then are lead farther down their confusing rabbit hole. They design their conversations with you to scare, intimidate, and confuse you. Do not call any numbers you are presented. If you are concerned with something, look the actual phone number of that particular company yourself. Or type in the website yourself. Don't trust the link to take you. Hint: If you hover a link, it will reveal the actual URL you're being directed to without clicking on it.
I realize I may sound like a broken record here. Just keep your guard up. Don't always trust what you read. Use complicated passwords. Do not join open wifi networks. If in doubt, feel free to forward any email to me or take a screenshot of whatever you may find suspicious.
Stop using the same password for multiple accounts. Start thinking about your passwords being phrases instead of words. For example: don't use "Tarheels72". Do use: "Igraduatedfromuncin72withA+"
If they are able to get one of your accounts username and password combination, they will try that combination with multiple accounts. Eventually they'll get into one then change all your security questions and recovery email addresses which will then lock you out of your own accounts. Two factor authentication helps prevent this.
I recently worked with a company who uses standard emails like info@companyxyz.com or warehouse@companyxyz.com and the bad guys were able to break into those. From there, they extracted their contact lists and began emailing all their clients saying they were due a refund. The link they provided went to a fake website designed to look like a login for Shopify. This particular bad guy was able to continue buying new domain names to direct traffic to in order to stay ahead of the other domain registrars that were shutting him/her down.
These fake emails are designed to sound serious in order to get your attention. For example:
"There was a problem processing your ATT payment."
"You overpaid on your last invoice and are due a credit"
"Thank you for your payment to Apple, click here for your free AirPods"
I see very intelligent clients panic, interact with these fishing schemes and then are lead farther down their confusing rabbit hole. They design their conversations with you to scare, intimidate, and confuse you. Do not call any numbers you are presented. If you are concerned with something, look the actual phone number of that particular company yourself. Or type in the website yourself. Don't trust the link to take you. Hint: If you hover a link, it will reveal the actual URL you're being directed to without clicking on it.
I realize I may sound like a broken record here. Just keep your guard up. Don't always trust what you read. Use complicated passwords. Do not join open wifi networks. If in doubt, feel free to forward any email to me or take a screenshot of whatever you may find suspicious.
Sells Consulting email