Tuesday, February 6, 2024



By now, I would hope we all know not to click on any link provided in a business email, even as the email convincingly purports to come from a trusted company we have dealings with, such as our bank, website host, or our government. Close the email and log onto your account to check if this email or purported activity did indeed take place and requires an action from you.


Goodness, the same digital hygiene practice also applies to emails from friends when they don’t include clear text identifiers that could only come from your friend. Spoofing email addresses is an old scammer's trick. 


So, when we access the purported sender the safe way by looking their contact information ourselves and asking if the email was legit, we also educate our friends to not be sending links only. As to businesses, this means calling your bank with the contact number you have (not in the email) and speaking to security.


And so, this is what I did. My attempt to educate my bank went as follows:


Mirka’s Bank Security Specialist (MBSS for short): “Yes, indeed, you did well NOT TO click on the link. You are right to check with me.”

Mirka: “So was this email from you?”

MBSS: “Yes, we sent it.”

Mirka: “And it said to click on a link?”

MBSS: “Yes, I see that.”

Mirka: “And you say I should never do that?”

MBSS: “Yes, that’s correct. Never do that. Access your account from your own log-in, always.”

Mirka: “So why do you continue to send such emails with links that ask for log-in?”

MBSS: “It’s a courtesy. A convenience. But never access any sensitive account from an email. You are right.”


I also got such emails from my webhost and got a similar confirmation from their security specialist that I did right NOT to access the link in the email.


This reminded me of the chapter in The Little Prince, where the drunk explains that he drinks to forget his shame and his shame is that he drinks.

This madness of trusted companies’ emails continues, as well as occasional real friends sending links with nary a word that would distinguish them from phishing scams. I always check, and I continue to use the safe practice of never ever clicking on email links until verified.


Vijaya said...

The circular arguments make me laugh. At Boeing, the IT dept sends bogus to test people with cyber-security stuff and Michael says he's fallen for it at work. At home, not so much.

Dave said...

LOL. So true.

Did you hear about the guy in Hong Kong (I think) we got fooled by a deep fake zoom call and sent 25 million to someone?

Mirka Breen said...

"Did you hear about the guy ..."

OY :,(

MirkaK said...

Excellent advice. I always check before opening anything. Mostly I hit DELETE.

Mirka Breen said...

DELETE has become my most used function also :(

Barbara Etlin said...

You're so right.

I just got off the phone with my financial advisor after M received an email addressed to him and me, mentioning all kinds of financial things. It was from a name I had never heard before. I asked the financial advisor whether he knew So-and-So and that we had received a strange email from her. He said that she worked with him and that we could ignore the advice in the email. She was sending out a blanket email to everyone on h8is client list. I said that he should give us a warning before doing that again.

If he hadn't said that he knew her, I would have blocked her.

And yes, my bank has sent those kinds of emails, too...

Sherry Ellis said...

A lot of emails are spam and security hazards. You always have to be careful with them.

Evelyn said...

What a crazy conversation with that bank person.

Sue said...

Good grief! How dumb.

That makes me feel how I feel when talking to my Medicare Prescription D provider for this year. Though I struggle with anger with them.