7 Free Tips to Fight Spam

by April 10, 2020

Email Spam

Are you noticing more spam lately?

Hackers and spammers love to exploit a stressful situation (e.g. pandemic). Follow these 7 tips to stay vigilant against spam and phishing!

 

1. Ignore All IRS Stimulus Emails

I’ve personally seen plenty of “IRS” emails lately regarding the stimulus. Naturally, since we’re all eager to receive our stimulus check, those emails look enticing. However, the IRS says, “most people won’t need to take any action.” Therefore, you won’t be contacting by a shady email to receive your $1,200. Most of the stimulus-related emails are spam and phishing attempts. The spammers are preying on the heightened emotions of this pandemic, but you can stay one step ahead by marking those emails as JUNK and getting rid of them. This same advice goes for spam emails regarding face masks, ventilators, and other COVID-19 concerns.

2. Check the Source

Whom is the email coming from? Mature phishing attempts try to mimic legitimate company emails as much as possible. So while the email may seem like it’s coming from the IRS, First Horizon, AT&T, Wells Fargo, etc., check the source. Who is the sender? Is the company name or domain name misspelled? Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net). If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in the phishy email.

3. Check the Grammar

Spam emails are typically full of grammar and spelling errors. A respectable corporation is not going to send out emails with multiple spelling or grammatical errors. That is an immediate red flag, and you should probably mark it as JUNK or SPAM right away. More mature phishing attempts may not contain those errors, and you’ll have to be more vigilant. Remember, a cleverly-worded email using proper English does not necessarily make it legit. If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in the phishy email.

4. Check the Links

By definition, phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses. Ultimately, mature phishing attacks are in some way motivated by money. The links in the email might look legitimate, but even one letter off in the domain name is a glaring red flag. When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or – if appropriate – mark it as junk.

5. Regularly Run Virus Scans

It’s important to keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware. If you’re on a Windows, run virus scans weekly (e.g. Malwarebytes Anti-Malware Free). Install real-time malware protection. Keep your Windows Defender updated and run virus scans. If you’re on a Mac, keep your Mac operating system and software up-to-date.

6. Mark the Email as JUNK / SPAM

Another positive step you can take is to report spam. Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox. You might also check your spam filters. Most email providers offer spam filters; however, depending on the level you set, you may end up blocking emails you want (i.e. false positives). It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.

7. Strengthen Your Passwords

Weak passwords are one of the easiest ways hackers get into your account. Have you ever considered making your “password” a sentence? A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces! Also, having a separate passphrase for every account helps to thwart cybercriminals. Next, consider simplifying your life with a password manager like LastPass. You only need to remember 1 password to get into your password manager, and you can generate strong, unique passwords for each of your accounts! Finally, turn on 2-factor authentication wherever you can. Most major websites support this incredible security feature, which generates a temporary 6-digit code every time you try to login with a new device. A few extra seconds each login is trivial compared to the hours needed for identify theft recovery.

We help our clients stay vigilant against online hacking and phishing attempts.