“I Know Who You Are and I Saw What You
[Editor’s Note: The views expressed here are solely those of Ross Kaplan, and do not represent Edina Realty, Berkshire Hathaway (“Berkshire”), or any other entity referenced. Edina Realty is a subsidiary of Berkshire.]
One of the scariest horror movies of the ’60’s was about two, bored teenage girls who pass a Saturday night in the Summer making crank phone calls to amuse themselves.
Their m.o.: when randomly selected strangers answer, the girls ominously intone, mantra-like, “I know who you are, and I saw what you did.”
Unbeknownst to the girls, one of their targets is a man who just committed murder; he traces their phone call, and tracks them down.
Of course, the teens’ parents are conveniently out of town, and they’re alone in the house.
I still remember the movie’s climactic scene 50 years later.
Cue 2018 Holiday Shopping Season
What’s that got to do with phishing scams this holiday season?
Scammers know that the average American now spends something like $1,500 a year online annually — a good chunk of it in the next few weeks.
Included in that group: yours truly.
Having just bought a fleece jacket online from a national retailer for $49.99 (regular price: $120) — and given a “heads up” by my son that the publicized sales price and the actual invoice amount just might be different (guess which one was likely to be higher?) — I was already on alert.
So, when I received an email saying “online order confirmation” for $59.99, not $49.99 . . . I immediately pounced.
I opened the email, saw the button labeled, “contact vendor,” and clicked.
I’d just been phished . . . and I bit.
Damage Control (and Ounce of Prevention)
Fortunately, Edina Realty’s Tech Department (my frantic next call) immediately assured me that the scammer was known to them, and that clicking on their link resulted in no bad consequences (which begs the question, “exactly what were they up to??”).
Tech Support’s advice: “delete the email . . . and don’t get suckered again” (my paraphrase).
Done, and done . . .
P.S.: According to Edina Tech, there are two, key detection skills: 1) note the origin of the email (it should be the name of a vendor known to you); and check the URL of any links in the email, by passing your mouse over it.
Again, the URL should be a name company, not something unfamiliar and generic.