We’re most vulnerable when we’re not paying attention or when coincidence catches us off guard. This would have been an easy scam to fall for had I not been paying attention. First off, we’re doing business with Hawai‘i Life, so it wasn’t unusual to receive an email from them. Second, everything in the email was legitimate—except for the “click here” link. However, even the click here link didn’t look very suspicious, which left me with a problem and the reason for this email scam tip.
The email was sent to “Undisclosed Recipients.” In other words, someone had pasted email addresses into the “BCC” field of an email and sent it. This is not the way our realtor would have us update documents so I was immediately suspicious.
Next, I wondered why we hadn’t been informed in advance there was a form to update. Again, I was suspicious, so I called the office. In this case, I trusted the number because it was an 808 area code, which is the area code for Hawai‘i. Immediately upon calling, Shana told me her email had been hacked.
The email now made sense. It had been sent by a scammer in hopes the recipients wouldn’t pay attention, would go to a bogus website, and provide sensitive information. Shanna, of course, told me to not click the link in the email. Got it. No worries.
This scam points out a few different issues. There are three parts to this email scam tip.
- Everyone needs to have a secure password on their email account. The password should not be the same as those used elsewhere.
- “Undisclosed recipients” should be a dead giveaway. Something may be fishy with an email sent only to blind-copy recipients.
- When you’re doing business with a company and receive an email from them, there’s a presumption the email is legitimate. In this case, my inclination was to get the facts before I clicked. Had I not done so, it would have exposed me to a possible virus, malware, or identity theft.
- Stop. Think. Only then should you connect or click.
- Stay tuned for next week’s email scam tip.