Thoughts & Views: ‘Phishing’ season is year-round

In my spam folder, there are currently 15 emails: two ostensibly from EZPass telling me I owe toll money; four alerting me to a FedEx delivery/ shipping notice; one, to a U.S. Postal Service delivery; one, for a UPS delivery; two notices to appear in court, and five messages from a company of which I have never heard but which wants me to confirm my address and my credit card payment.

I have opened none of them, and as soon as I finish writing this, they will all be deleted. I kept them on file for tally purposes only.

They are all bait used by scamsters who are “phishing” — attempting to lure the email recipient into providing personal information (name, address, account info, etc.). Info they can then use to steal your identity.

Sometimes, you don’t even have to reply. Merely by clicking on a link in the email, you could download a computer virus that will allow the crooks access to all sorts of data.

Even worse, is something called a “Trojan” (as in the horse, okay?). As described by Scambusters.org, when you click on an icon or link, “It installs a downloading program that then fetches and installs at least two more files on your system. These may disable your firewall, look for and steal credit card and bank account details, make screen snapshots and allow hackers continued access to your machine.”

I am so wary now that I won’t open a suspicious email, much less click on anything.

I wrote about the “notice to appear” scam earlier this year. Back then, I did open the missive, out of curiosity, but luckily there were no repercussions. It gave me a date and time when I was scheduled to appear for my “hearing” in “the court of St. LouisTampa” and if I did not show up “the case may be heard by the judge in your absence.”

It also told me to download and read the “copy of the court notice . . . attached” to the letter.

If the non-existence of a place called St. LouisTampa wasn’t enough of a clue, the instructions to download something screamed, “DANGER! FAKE!”

I hoped that the column would alert some gullible, trusting readers to dangers lurking on the web. Which is the same reason I’m writing this one.

FedEx, USPS and UPS scams — and the ones allegedly from individual retailers — are still spreading, and I fear that as we enter the holiday shopping/ delivery season, recipients might fall for them.

Just delete the damn things. If you are truly concerned about a supposed missed delivery or whatever, contact the company directly — but NOT via any phone number provided in the email, no matter how legit the letterhead/logo appears. Look up the number for yourself.

The EZPass notice of unpaid tolls or overdue account payment is fake, too, and spreading.

Don’t open it. If its mere arrival has you worried, call Port Authority EZPass customer service directly to find out if there really is a problem with your account. (Odds are, there isn’t.) Again: Obtain the phone number for yourself.

Below is more advice, as posted by the Council of Better Business Bureaus, on how to spot scams. Some may be repetitive, but better repetition than being ripped off:

• Don’t believe what you see. Scammers make emails appear to come from a reputable source. Just because it looks like a “usps.com” address does not mean it’s safe.

• Be wary of unexpected emails that contain links or attachments. As always, do not click on links or open the files in unfamiliar emails.

• Beware of pop-ups. Some pop-ups are designed to look like they’ve originated from your computer. If you see a pop-up that looks like an anti-virus software, but warns of a problem that needs to be fixed with an extreme level of urgency, it may be a scam.

• Watch for poor grammar and spelling. Scam emails often are riddled with typos.

• (Be wary of a warning that) immediate action is necessary. Scam emails try to get you to act before you think by creating a sense of urgency. Don’t fall for it.

Personally, I also no longer open any emails from senders I do not recognize. If you’re that eager to get in touch with me, contact The Observer. And identify yourself.

– Karen Zautyk 

The Observer Staff