February 28, 2016
For as many times as I’ve discussed malware and phishing scams here on this blog, even I almost fell for one of these computer-hacking scams just the other day.
There I was, hurriedly working through my emails, when I saw an alert from PayPal letting me know that my account was in danger of being placed on a credit hold status, potentially affecting my ability to both make purchases and accept payments for invoices sent to others.
Well, I had just made a purchase using my PayPal account; that much was true. But doesn’t PayPal deduct my payments directly from my bank account, as per the settings within my account? And I know full well that there is a perfectly good credit card connected to my account as backup payment method so this did not compute for me. As far as I knew, my recent transaction had been paid for and was soon to be on its way to me.
The email read, “Contact us by March 5, 2016 at (link to email) or (link to phone), in order to avoid interruption in your PayPal service.” I took a deep breath and felt certain of the one thing not to do: I knew not to press either link. No way, no how. If this was malware, and I suspected it was, there would be no coming back from clicking through either link. That is how a virus is delivered to my hard drive.
A little more deep breathing … then I told myself that I could handle this. First, I logged into my Dropbox safely, via an open browser tab on my computer and not through any links in that email. Looking around, I saw no alerts. More important, I saw that the funds from my most recent transaction, my first overseas transaction for whatever that’s worth, had indeed been withdrawn from my bank account.
Next, I logged into my bank account. No alerts there either.
Feeling more certain that this was a scam artist at work, I looked carefully at the questionable email. What is it I always tell readers is the telltale dead giveaway of an email scammer?
Typos. Ridiculous typos and/or horrific grammatical and/or punctuation offenses.
This email only contained only one, but it was a biggie: the return email address was: customeriinformation@PayPal.com. Everything else in that letter was perfect, right down to the PayPal logo.
Looking back, I feel a bit ridiculous that I ever considered the possibility of this being a factual customer service request. As I have been sure to remind everyone as often as possible, large companies, particularly financial institutions, do not send emails; they send snail mail. However, we are all prone to momentary panic when it comes to our credit and our finances, and that’s how dishonest people have come to make a living off of our hard drives and our contact lists.
Sometimes, everyone needs a little talking down from that mountain. We all go there, no matter how centered, how grounded we may be 99 percent of the time. Stress wreaks havoc on our emotions and our thought processes, and there is little more stressful than running a household, parenting, and looking out for your parent’s (or parents’) well-being concurrently. If I may be of help to you or someone you know in structuring a healthy family discourse, please reach out to me.
All the best,
Rabbi Scott Saulson, Ph.D.