Quinn Donovan
You get an email that appears to be from your bank or from your country’s tax agency indicating that there is an issue with your account. Fervently, you click on the link in the email and follow the steps to fix the issue. Some months later, you start noticing charges that you never authorized on your credit or debit card.
What’s going on?!
Your card information has just been compromised. It’s a fairly common occurrence these days in the age of online shopping and banking, but there are some simple steps that will help you avoid both scam websites and emails.
1) Never click links in a fishy email
If the email doesn’t come from an email address associated with your bank, never respond or click on any link in the email. Instead, call your bank and ask them if there is an issue with your account. The customer representative at the end of the line will be more than happy to check this for you.
If there’s nothing wrong with your account, mark it as spam and delete it.
2) Stranger danger
If the email is from a bank that you do not or have never done business with, delete the message immediately.
3) Check the URLs
This is where it gets tricky. Some spam and fraud emails have gotten so complex that they can spoof a legitimate sender’s real address. So what do you do?
Hover your mouse over the links in the email (without clicking them) and see where the website is actually going. Every web browser will show the real URL (website address) in the bottom left-hand corner. If you see that address and t does not match what is listed in the email, delete the message immediately or call your bank to advise them of the email that you received.
We’ve written an extensive piece on how to spot fraudulent sites here.
4) Trust your gut. If it is too good to be true, it probably is
Trust your gut when you see the content of a site. Websites that promise getting a free cruise to the Bahamas, a trip to Europe or the chance to win a certain amount of cash in exchange for your contact details is clearly fraudulent.
Another tip is to always check the domain name of a website. If the business name doesn’t match the domain, then it’ll most likely be fraudulent.
5) Check the Better Business Bureau
Contact your local Better Business Bureau. This will allow you to find if there have been any previous complaints against said organization, or if they even exist. If they don’t exist or there are complaints that have not been resolved, then do not do business with them.
6) Find out if pages are encrypted by SSL
When shopping online, never supply your credit card number to websites that are not protected with SSL security.
Websites protected by SSL will have a padlock right beside its domain name and the “http://” will be replaced by “https://”. If you don’t see the lock icon, https or if the https appears in red, treat these sites as unprotected and unsecure.
For an in-depth explanation of what and how SSL certificates work, read this article.
7) Meet in person
When you use Craigslist or Kijiji, always meet the person in a public place like the lobby of a police station or a coffee shop to do the exchange. Do not go to private residences. No online deal is worth your life, health, well-being or peace of mind, and we are very adamant about that.