Everyone will get hoax email at some time. Most of the time your email security systems will protect you from it before it does any damage. However hoaxers are relentless and innovative and sometimes bad email will get in to your inbox before your security systems know how to identify it. Hoaxers also play on your values and emotions. They play right into your feelings of trust and mistrust and manipulate them to advantage while inflicting damage and harm.
As well as enabling automated security systems, being able to intelligently “smell a rat” can help you protect yourself from harm. Knowing what to look for before opening email can help you avoid infection and the horrible clean up required afterwards.
What to Look For
Emails that purport to come from a serious authority authority (FBI, police, taxation authority, etc) and demand you click a link to read or download something with a threat of legal action if you do not take action.
These organisations never send email that ask you to do anything under threat of legal action. These scams trade on your good will to obey just authority and fear of failing to take action in your best interest. Clicking links or downloads from these emails are an abuse of your trust and will cause harm. Delete these emails from your computer immediately.
Emails that purport to come from a financial agency such as your bank or Paypal. The content may say that your account has received suspicious activity, or that a payment is awaiting your approval, or that a large payment has been made from your account and they need you to confirm immediately by clicking a link.
Financial institutions may advise you of certain completed action in your account, but they will never ask you to click links to confirm or ask you for any of your login or account details by email (or in an unsolicited phone call). These scams trade on your fear of having your money stolen electronically and lead you straight down the path of gathering your details so they can steal your money with your help. Never click links or download files from these emails. Delete at once.
If you need confirmation of payments made of received in your bank account, either visit your bank in person or check your account online using your usual login. Your statement will disclose the truth of the matter.
Emails that claim you are a beneficiary of inheritance or philanthropic bequest.
Money for nothing is always attractive. If it sounds too good to be true it usually is. Although these scams are not usually malware or virus related, they are designed to take all your money and are frequently very successful even where the victims are normally very cautious and otherwise aware of being taken for a ride.
What Can You Do About It?
- Be aware of what you read and especially what you click on.
- Be awake to the fact that on the Internet, as in real life, all is not necessarily what it first appears to be.
- cPanel hosting account usually include anti-spam tools (Spam Assassin, Box Trapper). These tools can be effective, but by today’s stanrads are difficut o manage and not recommended.
- Use high quality remote anti-virus/antispam systems such as the clickonIT spamfilter. As well as being highly responsive to the latest in harmful email payloads, they often include other features that make your email a very safe and reliable communication channel.
- Always have a complete and up to date computer security system in place such as AVG or Norton 360. As well as email security it is very important to have the complete compute security protection these tools provide.
- Report scam and hoax mail to the authorities the bad email is pretending to be.
Some hoax/scam/phishing reporting links;
Australian Taxation Office – https://www.ato.gov.au/General/Online-services/Online-security/How-to-report-a-scam/
Most banks and government agencies have a bad email report channel. Look it up and report it. We cannot stop scam/spam/hoax/fraudulent email, but we can refuse to be victims and give the senders a hard time.
The Australian Government publishes regular information through ScamWatch