Once again, I had to go no further than my own email box to find today’s “scam of the day.” In my email today was an email that purported to be from Ameriprise, the online brokerage and financial planning company. As you can see in the email which is reproduced below, I was invited to click on a link to receive a “secured message” about an important matter supposedly affecting my account. This is a scam. DO NOT CLICK ON THE LINKS IN THE EMAIL COPIED BELOW. Phishing is the name for the scam in which you receive an email that appears to be legitimate and attempts to lure you to a tainted website or to download a tainted link. The email is not from Ameriprise and if you click on the links you will either be taken to a phony Ameriprise website and prompted to provide personal information that will lead to your becoming a victim of identity theft or you will, when you click on the link, unknowingly download a keystroke logging malware program that will steal information from your computer and make you a victim of identity theft. This particular email is not a very professional attempt, however, to scam me. The email address from which it came is from a personal aol account and probably not the account of the identity thief, but an account that had been hijacked as a part of a botnet by the identity thief. For more information about botnets and how they work, you can either check out my book “50 Ways to Protect Your Identity in a Digital Age” or go to the list of topics on the right side of the scamicide opening page and scroll down to the topic of botnets for some cursory information about how they work and how to avoid them. In addition, the email salutation reads “Dear Customer.” It does not even use my name. Finally there is no logo or other appearance that the email is from the real Ameriprise.
Never click on links unless you are absolutely sure that they are legitimate. Unfortunately, anytime you receive an email with a link, you cannot trust it because even if it is from someone whom you trust, their email account may have been hacked and the email is actually being sent by an identity thief posing as a friend or a company with which you do business. The best course of action if you think the email may be legitimate is to call the real person or company to confirm whether or not the email is legitimate. Also, make sure that your security software and anti-malware software are installed and kept up to date on all of your electronic devices.
If you receive any phishing emails, please send copies of them to me and we will feature them in Scamicide to warn others. Remember, we are all in this together.