By now, I would hope we all know not to click on any link provided
in a business email, even as the email convincingly purports to come from a trusted
company we have dealings with, such as our bank, website host, or our government. Close the email and log onto your account to check if this email or purported activity did indeed take place and requires an action from you.
Goodness, the same digital hygiene practice also applies to
emails from friends when they don’t include clear text identifiers that could only
come from your friend. Spoofing email addresses is an old scammer's trick.
So, when we access the purported sender the safe way by looking their contact information ourselves and asking if the email was
legit, we also educate our friends to not be sending links only. As to businesses, this means calling your bank with the contact number you have (not in
the email) and speaking to security.
And so, this is what I did. My attempt to educate my bank went as follows:
Mirka’s Bank Security Specialist (MBSS for short): “Yes,
indeed, you did well NOT TO click on the link. You are right to check with me.”
Mirka: “So was this email from you?”
MBSS: “Yes, we sent it.”
Mirka: “And it said to click on a link?”
MBSS: “Yes, I see that.”
Mirka: “And you say I should never do that?”
MBSS: “Yes, that’s correct. Never do that. Access your
account from your own log-in, always.”
Mirka: “So why do you continue to send such emails with links
that ask for log-in?”
MBSS: “It’s a courtesy. A convenience. But never access any
sensitive account from an email. You are right.”
I also got such emails from my webhost and got a similar
confirmation from their security specialist that I did right NOT to access the
link in the email.
This reminded me of the chapter in The Little Prince,
where the drunk explains that he drinks to forget his shame and his shame is
that he drinks.
This madness of trusted companies’ emails continues, as well as occasional real friends sending links with nary a word that would distinguish them from phishing scams. I always check, and I continue to use the safe practice of never ever clicking on email links until verified.
The circular arguments make me laugh. At Boeing, the IT dept sends bogus to test people with cyber-security stuff and Michael says he's fallen for it at work. At home, not so much.
ReplyDeleteLOL. So true.
ReplyDeleteDid you hear about the guy in Hong Kong (I think) we got fooled by a deep fake zoom call and sent 25 million to someone?
"Did you hear about the guy ..."
ReplyDeleteOY :,(
Excellent advice. I always check before opening anything. Mostly I hit DELETE.
ReplyDeleteDELETE has become my most used function also :(
ReplyDeleteYou're so right.
ReplyDeleteI just got off the phone with my financial advisor after M received an email addressed to him and me, mentioning all kinds of financial things. It was from a name I had never heard before. I asked the financial advisor whether he knew So-and-So and that we had received a strange email from her. He said that she worked with him and that we could ignore the advice in the email. She was sending out a blanket email to everyone on h8is client list. I said that he should give us a warning before doing that again.
If he hadn't said that he knew her, I would have blocked her.
And yes, my bank has sent those kinds of emails, too...
A lot of emails are spam and security hazards. You always have to be careful with them.
ReplyDeleteWhat a crazy conversation with that bank person.
ReplyDeleteGood grief! How dumb.
ReplyDeleteThat makes me feel how I feel when talking to my Medicare Prescription D provider for this year. Though I struggle with anger with them.