Recently we’ve seen an uptick in phishing attacks, mostly the refund scam type. That being said, when we have these incidents we still need to contain and clean the devices to make sure that there wasn’t more than just a scam email and maybe a remote support tool being used. This takes down time for the user and our team and might go further depending on the circumstances.
Things to look for
- Is this account/charge one you have or remember paying for in the past
- Does the charge seem excessive
- Is there a sense of urgency above what is warranted(ie, threatening to have the police come to arrest you)
What to avoid
- Don’t call the number, or go to the site, in the email
- Do search for the company and look for a legitimate contact
- Do ask for a second opinion
- Do take a step back, re-read the email and take time to process it
Hopefully, these tips will help, many times scams are trying to target people who are easy to scare. If they can scare or pressure you into doing what they ask. No business would need to connect to your computer to give you a refund, nor would they send police or want to be paid back for the overpayment with cards from the store. Most of these scams will stop once they hit a roadblock or direct questioning of what they’re asking. If you have a story of dealing with this or tips feel free to let me know on Twitter or email. Till next time, fair winds and following seas.