I am more and more amazed by how sneaky and clever scammers have become. Scams and phishing attempts are getting quite advanced, and sometimes even I have trouble figuring out what’s legit.
Terrible spelling errors and obvious fake emails are a clear red flag, but that’s just the tip of the iceberg.
First of all, don’t respond to text messages if you don’t know who the sender is. Scammers often send out texts en masse, and if you respond, you’re validating your phone number. They may try to hack your phone or use your phone number elsewhere for authentication purposes.
Another call to lock your SIM with a pin code.
Don’t ever click links from emails or texts from your bank or other social media platforms without double checking everything (and even calling your bank if necessary). Scammers will sometimes pretend to be your bank, send you low balance alerts via text or email, and ask you to click a link. This takes you to a spoofed website that looks like the official bank website, and you’ll end up entering your bank details and getting ripped off.
And then there are the realistic messages from Facebook, Instagram, or other social media platforms. Recently I received an email from Instagram that looked to be completely legitimate, saying my content was a copyright infringement. The link provided brought me to a fake website asking me to enter my Instagram credentials to view the details of the infringement.
If you receive strange messages from a Facebook or Instagram friend, question everything. A few weeks ago, an Instagram friend asked me to vote for them in a contest. I said of course, and they asked for my phone number to send me a link to vote. Then they wanted me to screenshot the link and send it to them. What really happened? They sent me an Instagram password reset URL and were looking to manually steal my account.
Finally, don’t pay invoices you’re not expecting. This seems obvious, but some people are sending legit invoices through PayPal and Quickbooks. It’s like spam, but instead of sending emails from made up email addresses, they’re sending legitimate invoices through legitimate platforms. It’s easy to get confused.