Diligence Versus Paranoia
I had a call recently from a customer who asked me to remove him from the internet, as he had been a victim of identity theft.
I was quite alarmed by this and agreed to visit as soon as I could to do whatever I could to minimise the damage and indeed to remove his connection to the internet.
When I arrived and asked what had happened, he explained that he had been receiving emails from High St. financial institutions stating that his account was locked until he logged in to verify his identity.
I asked him if he had logged in and carried this out, he replied that he didn't even have an account with any of these companies, but had handwritten a letter to each of them explaining that he did not want to be contacted by them in this way again.
It was with some relief that I explained this was simply a scam known as "phishing" and is an unfortunate result of using your email address online.
Briefly, it is inevitable that at some point you will enter your email address on a website, while shopping online, registering for a service, or carrying out some online transaction.
There are many and varied ways that your email address can fall into the wrong hands and I haven't got time to explain them here, but suffice it to say that there are people out there who will pay good money for stolen email addresses. It is then a simple matter of designing an email which looks like an authentic communication from a High St. bank, in the sure and certain knowledge that of the million or so email addresses they send it to, tens of thousands of them will be customers of that bank and even if only 1% fall for the scam and enter their details, that can mean hundreds of bank account details could be compromised.
The message is simple, if you receive an email from your bank, building society, or other institution of which you are a member, DO NOT EVER click a link in an email. Instead if you receive an email from your bank etc. go to your browser and login using your bookmark, or favourite, that way you know you are going to the legitimate website.
If you don't even have an account with the company, either delete the message, or select: "Mark this message as Spam".
I was able to reassure this customer that he had experienced the equivalent of a burglar trying his front door, and, finding it locked, wandering off to find easier pickings elsewhere.