Consumer Alert: How to spot a scam email and what to do if your information is compromised
[anvplayer video=”5048450″ station=”998131″]
ROCHESTER, N.Y. (WHEC) — I love News10NBC viewers. You’ve been sharing scams with me., and that has given me plenty to investigate.
An email this week from a viewer named Jack was intriguing because it had all the hallmarks of a scam.
The crook included the PayPal logo on the email, but it lacked the superimposed letter “P” on the official logo. The email address was service@paypal-int-service.com, but it was wrong. The actual email address ends with paypal.com. A business wouldn’t have all that nonsense after the company name.
The scammer also included a link in the email that was potentially especially dangerous. Clicking on links can often unleash malware onto your computer. The email said that a payment of almost $4,000 had been sent to a Bitcoin exchange service from Jack’s PayPal account. But the email wasn’t addressed to Jack. It was addressed to “customer.” An email from PayPal addressing activity on your account would be addressed to you, not “customer.”
Lastly, the phone number was also suspicious. It starts with plus one. That’s the country code for the U.S. and Canada. The area code, prefix, and line number are separated by commas. Americans don’t write a number that way. These scammers are likely overseas.
Jack didn’t fall for it. He called the number on the email.
He told me, “I called the number and gave the transaction number on the email. I then asked if he could see my account. He said yes. So, I said cancel my account. He said I would have to go to my computer and he would walk me through the process. I said no. All I wanted was to cancel my account. The response was he could not do that. So, I asked to speak to a supervisor. Then he hung up.”
The scammer likely wanted to “walk Jack through the process” of closing his account so that he could try to get Jack to reveal information that would give them access to his account.
But unless you look closely, the email looks authentic. That’s why recognizing red flags is important. You can rest assured that you will get scam emails. As I’ve reported before, billions of emails are for sale on the dark web. It’s safe to assume that your email address and/or password have likely already been compromised.
Here’s how you find out. There are several good websites where you can enter your email address or password to find out if it has been posted on some hacker site on the dark web.
- Avast’s Hack Check
- F-Secure Identity Theft Checker
- Haveibeenpwned
- Cybernews’ Personal data leak checker and leaked password checker
If you find out your information has been compromised, don’t panic. Instead, change all your passwords. It’s a good idea to check more than one website because each may be scanning different sites on the dark web.