I’m sure most people here know some of the key ways to protect yourself against this kind of scam, but just in case:
Always be watchful when contacted by an organisation (bank, company, etc). You need to verify they’re not a scammer, at least if you’re giving out login credentials or anything else sensitive
Check the source phone number/email address. Banks usually will not call/text from an international number, or cell phone. Emails will be sent from the appropriate domain (e.g. bnz.co.nz)
Never log into something if you’ve clicked on a link in a text message/email, unless you are really sure it’s safe. If in doubt, go directly to the bank (or whatever) website and log in rather than clicking on a link.
Don’t be rushed. It’s better to wait on hold for 2 hours to contact the bank directly than to lose thousands.
Turn on two-factor auth on anything important (banks especially)
Remember scammers will try to make you feel like you’re bring rude or difficult by asking them questions. That is part of the scam!
A few years ago I had contacted the Dell Support Team about an issue I was having with my order, and they called me back and had asked me to give them my card details so that they could cancel and make the payment again. I wasn’t comfortable with that so asked if we could do it another way. I was a bit nervous?, about asking but they didn’t think it was weird at all and were very accommodating.
I feel it’s a really good rule of thumb to just not click any links, especially if they’re texted. I can’t think of the last time an organization texted me a direct link, MSD and IRD usually send you a text telling you to check your account for instance, so I feel it’s much better to er on the side of caution and ignore them all.
Emails are a bit trickier but most organizations generally use letterheads and footers to identify themselves pretty plainly, but if I’m ever in doubt I’ll again er on the side of caution again and either ring them or go straight to the website rather than touch a link.
I’m sure most people here know some of the key ways to protect yourself against this kind of scam, but just in case:
Other tips?
Use a password manager…it will not auto-fill on the wrong website.
You would have to go and manually copy the password from the manager and into the fake website, giving you another mental break point.
Yeah good point. And there are obviously other advantages of using a password manager.
Yeah, much beetter to be safe than sorry.
A few years ago I had contacted the Dell Support Team about an issue I was having with my order, and they called me back and had asked me to give them my card details so that they could cancel and make the payment again. I wasn’t comfortable with that so asked if we could do it another way. I was a bit nervous?, about asking but they didn’t think it was weird at all and were very accommodating.
I feel it’s a really good rule of thumb to just not click any links, especially if they’re texted. I can’t think of the last time an organization texted me a direct link, MSD and IRD usually send you a text telling you to check your account for instance, so I feel it’s much better to er on the side of caution and ignore them all.
Emails are a bit trickier but most organizations generally use letterheads and footers to identify themselves pretty plainly, but if I’m ever in doubt I’ll again er on the side of caution again and either ring them or go straight to the website rather than touch a link.