Dear Annie: A year and a half ago, my husband started receiving confusing emails referencing benefits applications that he had not applied for and email newsletters he had not signed up for. At first, we chalked it up to someone with the same name having momentary confusion about their own email address. (This is an email address my husband has had for 20 years.)
In the months that followed, it has escalated to periodic flurries of messages not intended for him, like a dozen job application confirmations and requests for legal support confirmations.
We don’t know the email address these are intended for, or we’d forward the messages.
Recently, my husband received one such mistaken email that included the other contact information of this person. Should my husband call the phone number indicated to alert this person of the longtime email confusion? Should we instead send a letter that is kindly but intentionally worded and can’t be traced back to us should this somehow be an issue for the person at the other end? Or is this some kind of elaborate scam?
– Cautious Detectives
Dear Detectives: This seems very involved for a phishing scam, which are internet-based ruses to get secure information. A letter seems to be the best course of action, since you still don’t know the correct email address. This also prevents you from getting further sucked in.
Because phishing scams often begin with a message telling the victim that their private information has been compromised, if you were to call this person out of the blue, you might seem like the scammers. That has all the makings of an entertaining stage farce, but who has the time for all those slamming doors?
Any of us can fall victim to phishing scams, so it’s useful to follow guidelines published by the Federal Trade Commission for recognizing and avoiding them. If you’re contacted online by someone about a problem with your account, asking you to click a link to reset a password you didn’t want to reset, or asking for payment for an invoice you don’t recognize, don’t click or reply. Go to the company’s website separately, if it’s a company you do business with, and contact them through the number listed.
If you don’t recognize the company, report the message as spam and delete it. It’s also important to keep your software updated on your computer and your phone, as well as turning on multi-factor authentication, which requires a second step before anyone can get into your accounts.
(Send questions to R. Eric Thomas at eric@askingeric.com or P.O. Box 22474, Philadelphia, PA 19110. Follow him on Instagram and sign up for his weekly newsletter at rericthomas.com.)
©2024 Tribune Content Agency, LLC.