Important Notice: Starting today, my assistant, Angie Strehlow has a new email address which is Please update your contacts to reflect the new email.

And speaking of email, let’s talk about email safety…

NEVER send important information such as your Social Security Number, your medicare number, or other personal information via regular email. This is because of how email works. It passes through other computers on its way to its destination. That means a hacker can intercept your email while it’s traveling through these computers, and steal your information.

My office uses secure email (you’ll need an additional password other than your regular email password to open it) when dealing with your personal information, and we utilize a secure file sharing service and secure fax service to receive secure information from you. (

Technology provides useful tools and resources. There is a plethora of great information right at our fingertips. With advances in technology, scammers evolve too. Scams can happen through a variety of methods, including phishing emails, social networking sites, SMS messages on your cell phone, fake tech support calls, fake IRS calls or emails, scareware, and so on.

I wanted to cover the topic of email safety tips. We will go over the most common email scams and how to avoid them.

Spam Email

In simple terms, spam email is junk email.  These are the annoying unsolicited messages we all get about things such as online degrees, pharmaceuticals, and work-from-home opportunities.

It’s one of the reasons that I generally only email my clients once a month.

These are usually mass-emailed to a large group of people. Spam can be sent by real humans but is typically sent by a botnet.

A botnet is a network of computers that have been infected by malware. It is controlled by a single attacker who is called the “bot herder”.

Spam can also be sent via text messages or social networks.  We all learned this during the last Annual Election Period when many of us were getting unwanted text messages regarding Medicare plans.

Spam is annoying, but it can clog up email inboxes if not filtered and deleted properly. It can also pose a security risk.

Spam email senders often change their methods and messages to fool people into downloading malware, sharing personal information, or sending them money. These emails are usually commercial and driven by a financial motive. Spammers try to promote and sell items that are questionable, make false claims, and mislead recipients into believing something that’s not true.

Some of this information came from:

Email Spoofing

Spoofing tricks users into believing an email came from someone they know and or can trust. People are more likely to open these emails when they think it has been sent by someone they know.

A lot of these fraudulent emails will contain attachments or links which if opened or clicked on can spread malware and viruses into your computer.

As an example, you may get an email that looks like it’s from your close friend. So at first glance, the sender’s name may appear as your friend’s name. However, if you hover your mouse over the “friends” name you will see an email address that is not correct.

I’ve heard of many times where your “friend” tells you that they are in a tight spot and they need money, which they of course will pay you back.  If you get one of these emails CALL your friend.  Think to yourself, is this really true?  Would my friend be stuck somewhere without a credit card?  Why didn’t they call me instead of emailing me?  When I get emails like this supposedly from my clients, I CALL them.


Phishing is a type of cybercrime where criminals pretend to be someone else in order to steal your money or get your personal information. Criminals use links that will appear to go to a legitimate site but instead take you to a different site. Phishing is one of the biggest threats when it comes to cybercrime.

There are several various types of phishing attacks. The main thing they are doing is trying to get you to click on a link to “log in”.  Do not fall for it.  The site is trying to steal your login info to the real website.

Never click on a link you get from an email.  Login your regular way to try to find if the info the email sent you is true.

The most common are explained below:

Normal Phishing –This type of fraud involves scammers sending out emails in large batches in an attempt to hook anyone they can. Usually, scammers will pretend to be from a legitimate company and ask for personal information or login credentials in order to steal money.

These emails often use threats or a sense of urgency to get users to take action. For example, PayPal fraudsters might send out a phishing email asking people to fix an error in their account or face penalties.

Spear Phishing-Spear phishing targets a specific person or company. Spear phishers tailor their messages to appear as if they come from someone they know. They use information specific to their targets to convince them that they have a relationship with the sender. This is often done by impersonating a legitimate employee or contractor to obtain confidential data or banking details.

Spear Phishing – Spear phishing is similar to whaling, but instead of targeting just any employee within an organization, whaling targets the big fish! To focus on these high-level executives, phishers may spend months researching their target companies, analyzing their routines, mapping their personal relationships, and even creating fake personas for them. The scam itself may go on for weeks; scammers may wait to lure victims into falling for their scams by first building trust through a series of exchanges.

How to Avoid Email Scams

Analyze- If the email seems strange, there are a lot of spelling or grammatical errors or the tone of the email seems frantic like you must take action now, investigate further.  A lot of times you can call the sender to make sure the email is legitimate.

Be careful before you click! – It’s okay to click on links when on trusted websites. Clicking on links that appear in random emails and instant messages, however, can be dangerous. Before clicking on links, hover over them first to see if they’re safe. Do they lead where they are supposed to?

Check your online accounts- Check your online accounts regularly even if you don’t technically need to. Get into the habit of changing your passwords regularly as well.

Keep Your Browser Up to Date – Security patches are released for popular browsers all the time. They are released in order to protect against the security loopholes that phishing attacks inevitably create and exploit.

Use firewalls. You should use two different kinds: a desktop firewall and a network firewall.

Never Give Out Personal Information – As a general rule, you should never share personal or financially sensitive information over the Internet.

Use Antivirus Software- It is important to use this and to keep it up to date at all times.

There is no single fool-proof way to avoid phishing scams however they aren’t something you need to live in fear of.  With these tips in mind, you can enjoy a worry-free internet experience.


Remember to stay safe!