Did you know that the average person's email inbox is about 45% spam? 

In an independent study, groups reported up to 60% of email received in their inbox each as spam, with a 25% daily minimum on average. 

We have all received unsolicited spam emails before. Since email became a standard for instant written communication and information sharing back in the early 1990s, the amount of spam circulating on the web has increased dramatically.

While we have come up with better protocols and algorithms to sort the junk mail from what people actually want to open in their email inbox, these efforts aren't perfect. In fact, you will still find a chunk of missed emails in your 'spam' or 'junk' folders that could be considered important or time sensitive.

It can be extremely difficult to differentiate, especially if you subscribe to email newsletters, use digital forms for data collection, or use one email address for the majority of your account registrations and activities online. So at what point does just annoying, inbox storage eating, relentlessly bumping spam email become a security threat to you or your business? 

All spam can be considered a scam to some degree, but not every junk email is going to cause lasting issues. If you can identify threats, we can help with the next course of action to protect your digital assets.

1. Inspect the sender address for misspelling or misleading punctuation. Look for clues in the header subtext.  These email domains will often include easily missed characters such as '.' in between letters of commonly used domains, like a.mazon.com. The domain may even be completely misspelled and if you should go as far as to open and 'reply' to these emails, you may notice a different reply to email address or BCC in the header. Sometimes an email may appear to be an official correspondence, but there will be a forwarding address that isn't immediately apparent. This can be indicative of a phishing attempt. 

2. Ask yourself, 'Did I solicit this response or trigger an automailer in any way?' You most likely have. Many websites require an email address and the acceptance of terms that allow the organization to contact you by email, send you automatic newsletters, promotions, and other common communications. This may eat up your storage space, but they are typically harmless and if you're starting to get fed up, you can usually reply STOP or scroll down to the footer and find an 'Unsubscribe' option to opt out of any further email communications from that sender. 

⚠️Most companies, including most utility companies and service providers will never initiate contact with you without you contacting first or performing some kind of confirmation - a purchase confirmation or an automatic payment receipt, an invoice for recent services - these things require your initiation. If you receive an email from a company or service provider you do business with regularly asking for payments, asking you to confirm your sensitive information - account information, address, social security number, etc- DO NOT REPY - mark the item as Spam and/ or report it to your data security team.

 These emails are best ignored and left to rot in your spam folder until deleted, however, you can protect others and prevent possible security breaches before they happen by reporting the email to the official sender, that is, the real business the email allegedly came from so that they are aware and can take action. You can also report potential scam sites, malicious mailers, and phishing attempts to the FTC. 

Finally, these emails require you to reply with the information requested, so as long as you keep that to yourself, they are safe to ignore. 

3. Avoid opening attachments from unknown senders, following links from unknown sources, and disable HTML / scripts in your webmail or viewer settings. This is one that echoes true from back when email was associated with 'You've got mail.' Unfortunately, back then, most viewers did not have settings that prevented the display of HTML or the execution of scripts upon opening an email. Now, most webmail providers, Outlook and other POP3 services have settings that you can adjust based on the message or contact. Gmail has HTML blocked by default with the option to enable HTML given when you open the email. 

4. Change your email account password often - AT LEAST once every 30 days and avoid reusing passwords or making your passwords too easy for bad actors to guess. We all have been there. We have thousands of accounts in our names these days how can anyone keep track of them all? With recent Google Chrome updates and the addition of Microsoft Hello on Windows 10+ operating systems, keeping your accounts secure AND easy to access without keeping a password journal is as easy as setting up a pin, facial unlock, fingerprint, or external security key.

Not only that, but many web browsers will auto generate secure and complex passwords for you, allowing you to save them in your account to access when you need them.

Passkeys allow for you to use the same login across accounts and devices with your facial recognition, pin, and/or fingerprint. This is potentially the most secure option for those who can opt in to it. If you can't utilize your passkey at work, your company may issue external security keys - flash drives that 'unlock' accounts inside the company network or within your clearance. 

If you don't have the option to use either and wish to stick with the old fashioned way of creating and storing passwords, create a password (within the specifications) that contains a variety of punctuation, capitalization, and numbers, if possible. The more random the better. The best place to store them? I'm a physical notebook. I myself keep my password backups in a password journal like this one. You should keep this book in a safe place, such as a locked safe or somewhere that cannot easily be accessed. Update each account password as needed every time one is created or changed. Get in the habit of changing your passwords regularly. 

If you're wondering what that has to do with the dangers of spam, it's quite simple. If you become the victim of a phishing scam, the bad actor now possesses a lot of your personal information. This often includes access to the email account itself. Setting up two factor authentication and alerts can help mitigate this risk. 

If you see something, say something. If a phishing or scam email is circulating your business network, let your coworkers / employees know to flag and ignore it. Education and recognition are your first line of defense in the prevention of security breaches, fraud, data leaks, and malicious attacks on your databases. 

5. Keep track of official communications when doing business over email. In this day in age, negotiations, contracts, and payments can all be done efficiently and remotely. This also leaves potential loopholes for bad actors to acquire your sensitive data with a bit of luck and social engineering.

The best practice is to keep these communications in a separate folder and approve mail from only known email addresses within the business. If anything seems suspicious or off, don't hesitate to give them a call and confirm. 

That being said, even though it is ill advised, we often transfer sensitive information back and forth via email. There are ways to do this securely and safely and even free resources to do so for individuals and small businesses.

The following links provide apps and plugins tried and true by our agents that we recommend to lockdown your communications and data sharing. Digital Saints Solutions is in no way affiliated with nor do we receive compensation of any kind from any of the providers on this list. For more info on who we partner with, review our policies 

🔗OneTimeSecret- FREE Encrypted, secure platform for sharing passwords, credentials, and other sensitive information with viewer control, automatic expiration, and encryption options upon sharing via email. Created by a third party, small business developer. Subscribers to the software may customize the domain from which the secret is shared and other enhanced security features. 

🔗Proton Mail - Proton Mail offers a paid premium encrypted secure webmail platform and email server for enterprises and individuals. Enhanced security features are only accessible with paid accounts, but single email address without domain customization and limited storage may be created for free. PoP3/Outlook compatible. Cloud server and VPN service also available through this third party verified independent developer. Proton VPN is verified in the Google App store as being audited and deemed secure. 

🔗DuckDuckGo & Aloha Private Browsers - Using a private browser prevents tracking cookies / spyware from attaching to your IP and bad actors from potentially gleaning information submitted through common web forms or checkout pages. Both developers are praised by others in the field for providing a neutral, private, and secure web browsing experience to individuals and companies with high security clearance. Aloha was recently audited and found secure by independent third parties to further back up the validity of the software. Both browsers are free to download and automatically send 'Do Not Track' notices to advertisers and bots. 

🔗 Incogni - A relatively new company that has developed an algorithm that identifies data breaches and tags leaked, compromised, or old data for deletion, scouting the internet for unused, hacked, or compromised accounts on behalf of the user. This software isn't free, unfortunately. If you receive a lot of unwarranted, unidentifiable, and unwanted email coming from various sources or potentially bots, services like this can remove your data from offenders databases, including your contact information. There are many tools available such as this one on the web, we encourage users to compare benefits and costs. 

🔗JotForm FREE Starter and Business Options - We hold a contract with JotForm for our clients as one of our many solutions used to protect and provide secure communications outlets, document sharing / file sharing, payment processing, and more. Using a contact form mitigates the ability of an algorithm or bad actor to grab your email address off of your websites which can be used as a gateway to your data. Jotform provides encrypted submissions, links to Google Sheets and database APIs, integration with apps like PayPal, Adobe, and MailChimp, allowing secure submissions, payment processing, database building, and more. We highly recommend this platform as a more affordable alternative to Typeform which offers similar tools with a more polished UI. Virtually any contact form API or setup - including Google Docs or Google Forms - can be used with unique ID, Captcha, email verification, encryption, etc. To create stronger security options for your business. 

Every project, every individual, every product, every business, and every company is unique. Consult with a knowledgeable, experience agent FREE regarding your web security options, integration, and receive a tailored list of services and solutions matched to your needs at an affordable price. Contact Us now. 

Make Your Devices Last Longer and Run Better - New Year's Tips To Keep Your Devices In Near Mint Condition 

Do you have the same cellphone you had last year? What about two years ago? More? Most people upgrade or replace their current cellphone every 2.5 - 3 years, but we can look forward to this length of time increasing as the majority of technological advancement across the board is in cloud and AI development.

Your old laptop, cellphone, or tablet (so long as it's still supported by its operating system to receive updates / patches) may be hanging around for much longer, so long as the proper measures are in place to ensure it doesn't suffer any kind of motherboard, screen, or chip damage. 

When mobile phones first made their way to the market, for the amount of money that it cost for both the service plan and the financing you would have thought you bought something that was akin to what we have now with all kinds of capabilities. It was, in fact, just a phone without a cord. That was it. 

Now, our cellphones are more than just communication devices. For millennials, Gen Z, and the upcoming generations, these devices have become akin to a diary or journal, your wallet, your daily Newspaper, cable provider, community connection, and of course, your phone.  Older generations have jumped on board, but have had less time for these devices to be integrated into their lives like they have with the former. 

It goes without saying that your devices are important. Whether we're talking about your phone, tablet, desktop, or laptop, these core devices definitely hold more priority in your life than your Ring doorbell or smart fridge. They're your connection to all things that you care about. So it makes sense that you would want to devote some time into ensuring that they remain in the best condition possible. 

There is nothing more frustrating than losing access to your apps, files, and communications. Not to mention, most of us are hard pressed to be able to remember anyone's phone number anymore. We rely on them, and this makes it even more devastating when something goes awry. 

While we can't possibly address all the ways you can make your technology last longer and perform better, this list of tips include some that may seem like common sense and others that we promise you may not have thought of. Most of them can be applied to all your devices

With hardware taking the backseat to algorithm, cloud, AI, and other software developments, we can expect to see less innovation when it comes to changes or upgrades on new releases, meaning that you can essentially hold onto your devices longer than you could during the technology boom of the 2010s - with a bit of prep and caution. 

1. Restart your devices regularly. This is one of those 'common sense' tips that we know we should do but often don't or put off regularly. While your device will typically automatically restart after an update, it is good to restart your devices at least once a week. Even better, allow them a good 10-20 minute rest. The amount of heat from the battery, processing, and screen lighting will eventually destroy the chips and miniature parts within, taking years off the life of your device that can be mitigated with a short cool down period. The length of time matters. You don't want to shut down your device for a minute, thirty seconds, etc. As some devices have hard and soft reset thresholds built in based on the length of time they have been shut down before rebooting. So, yea, when tech support told you to unplug it, wait 15 seconds, and plug it back in, the 15 seconds was key. 

Scammers don't just exclusively use the Internet and there are many ways they can steal your identity, credit card number, or even your virtual account information while you're out and about. While we have made several advancements when it comes to card security and the level of encryption payment processors and financial institutions use, it isn't 100% hack proof and can never really be.

Security is a two way street, while one entity may put their best foot forward, the other may not always be on their A game. I have a few basic tips will help you keep your identity and finances safer as you go about your holiday shopping and travel this year that you don't even have to thank me for - but it's the best gift I can give you. 

1. 🎁Leave your cards at home. Almost every financial institution offers a virtual card or virtual wallet compatible card that you can add to your Apple Pay, Google Pay, Samsung Pay or any virtual wallet app on your smart phone. These virtual cards connect to your account, but do not reflect your actual card number and do not have any available account information in their data composition, thus making it much harder for a hacker or scammer to intercept or steal. Set up your virtual wallet of choice and use your phone to tap to pay at any retailer that accepts credit or debit cards.

1.  🎁Use Credit instead of Debit and avoid entering your PIN. Credit card institutions provide more protection for fraud, reimburse victims, and will provide cars security services that a traditional bank or debit account cannot. Since credit isn't linked to your actual monetary wealth, a scammer or hacker stealing your credit card information can easily be rectified by cancelling the card, disputing or stopping the transaction, and contacting your credit card company. Not only this, but reimbursement is much easier to receive than if someone spends your entire bank account balance. If you don't have credit cards or don't have high credit limits, there are options for you as well. 
2. Avoid entering your PIN number into the terminal anywhere that isn't an authorized ATM attached to your financial institution, even if you are simply requesting cash back. Run your card as credit when asked to skip the pin entry or use your virtual wallet app. 🎁Only enter your card information for purchases through secured websites with encryption. You may notice a lock symbol in the upper left hand corner of a website running https protocols. You can click this icon and learn more about the way the website is encrypted and secured. Most banks use 256 bit level encryption, but this isn't entirely necessary for a merchant. Look for security details and verify the merchant before making your purchase. You can easily find business information online, including reviews and disputes made by customers. 
3. 🎁Use Screen Lock and 2 Factor Verification. Your phone is your life. If it's stolen or lost, there goes pretty much all of your sensitive information with it. For this reason, you should always use a screen lock. Biometrics work best as they are unique to you and allow you to create "passkeys' that can be used to unlock and access other accounts securely on other devices using your screen unlock method on your phone. Enable 2 Factor Verification for your accounts in the event that your device is compromised or even just for data. This can be done using a phone number or third party authenticator app. Some platforms also use methods like back up codes. Keep any and all of this information safe by printing it out, storing it in a physical file folder, and removing digital copies. 
4. 🎁Don't post your vacation plans or location on social media. Avoid responding to posts that ask questions about your birthday, full name, etc. Social Media platforms like Facebook and Instagram are set up to attach your location to your posts unless you disable this feature. If you plan on going away for the holidays, don't let would be burglars get a heads up by letting them know exactly how long you plan to be away lest you awaken Christmas morning to the tree and the presents missing. This may seem like common sense, but it's amazing how many people still post their whereabouts in ways that could result in break ins or even potential aggressive robberies. 
5. Make sure these settings are disabled on your children's profiles as well as your own or limit exposure to people that you know well using privacy and blocking settings. The second thing refers to popular 'games' on social media that will ask for these items to discover your 'spirit animal' or something of the sort. Many times, the responses to these questions are easily the answers to security questions that platforms use for account recovery. While it may seem innocent, consider who can access this information before you post it and how it may be used.

6. 🎁Take advantage of Informed Delivery, tracking, and in person package pickup services. If you suspect you have porch pirates or want to preemptively keep your packages safe for yourself or the person you have sent to, there are several free ways to help avoid the situation entirely. Most couriers will allow a ship to store option for consumers, often for no additional cost. You may select this option when purchasing a shipping label online or request it in person. This way, they will hold the package when it arrives until you can physically pick it up in person, completely avoiding the situation where your package is left out as porch pirate bait. If you don't like this option or can't easily access your local post office, UPS store or FedEx location, another option offered by USPS and (in some form) by other couriers is informed delivery. Informed delivery will notify you when a package is ready to be delivered and in the possession of your mail delivery person. From the link in a text or via email, you may arrange for them to hold the package or reschedule the delivery when you will be home to snatch it up before anyone else does. If you don't sign up for this, you can still sign up for free text alerts from all of these services on their website to receive updated shipping and delivery info for yourself and those you may ship to. 

   Before we conclude, I wanted to address those who may be thinking cash is still king when it comes to avoiding some of these things. While cash is indeed a secure option from the data side of things, unfortunately many stores and companies will not always accept cash payments, particularly if change is needed or if using a self checkout. Many organizations have also stopped accepting bills larger than $20 denominations due to the high level of counterfeit fraud, particularly during the holidays.

   If you don't use a bank or credit card, you still have the option of using a prepaid debit card, many of which are sold in popular grocery stores and are provided by well kowm companies like PayPal or NetSpend. Prepaid cards allow you to use digital payment options and make purchases online with a preset amount you can either "load" onto the card in-store using cash or transfer onto the card from your bank account. These cards can still be skimmed or hacked and aren't 100% secure in that regard, however, if you want to make secure purchases using a card or set a budget for your holiday spending, purchasing a prepaid Visa or MasterCard could be the best option for you. 

   
   

🎄And with that, we wish you a safe and secure holiday season. May you have a wonderful Christmas and happy New Year! 

In 2023, victims reported losses up to $10 billion dollars to scams, the highest amount ever reported to the FTC. A 14% increase from 2022.

(Image source and data from ftc.gov)

When we think of hackers and con artists, we usually don't picture the kid next door that goes our lawn or the mailman that has been delivering our mail since we moved in to the neighborhood.

The reality is that ANYONE could potentially be a scammer, con artists, fraudster, or even a malicious hacker just like anyone can become a victim of their craft. 

People also tend to think that only 'stupid' people fall victim to these crimes, and, while scammers overseas will often brag about how 'stupid Americans are' indeed, truthfully it has nothing to do with intelligence, race, gender, or nationality.

Businesses and individuals must be vigilant when it comes to education and protecting themselves from these "attacks". In many cases, even intelligent individuals find themselves dealing with the fallout from a scam or loss of account control, stolen identity, and other fraud.

The persons enacting these crimes are constantly updating their software and their methods, educating eachother and sharing information. One of the most common mistakes is that you have to 'initiate' the scam or performed some kind of action that resulted in the wrong people getting your sensitive information. Unfortunately, it's not as easy as avoiding specific websites or watching for signs that a form is legitimate or not. While being savvy as to some of the tactics these individuals use is definitely helpful, it won't prevent all potential avenues that can be used to lure victims into participating in their master plan.

From legitimate data centers or call centers, your first name, last name, and phone number is easily bought and sold by criminals from legitimate businesses with bad actors within them. Information and data sent between verifiable institutions such as banks can be intercepted and used to make victims think that they are dealing with a legitimate business or customer service agent. 

The holidays is always a crucial time to be on alert and to proceed with caution when it comes to safe guarding your data and using precautions to protect yourself from these bad actors. With several thousand transactions taking place each day leading up to Christmas in brick and mortar stores and online, it isn't surprising that scammers and hackers take advantage of all the holiday chaos. 

As a public service and to safeguard our clients, your clients, and employees, we want to share some resources and information that could save you the headache and financial turmoil of becoming a victim.

While we cannot possibly present every scenario or advise you on how to proceed in every situation that a scammer could come up with, we are well aware of several strategies and methods used by these bad actors and there are ways to throw them off or avoid the potential data loss all together. 

As a side note, the best weapon we have against these individuals is education. The elderly are often targets because they typically aren't tech savvy and have a completely different worldview from growing up in a different era that makes them vulnerable. Education is the best tool we have to fight these individuals looking to take advantage of others and we encourage anyone reading this to pass on this information to friends, family, coworkers, bosses, and so on.

You really just never know who could be next and a lot of these crimes go unreported as the victims feel embarrassed or stupid for falling for it. There is no shame. If you are intelligent, they have to be just as intelligent to get to you if not more so.

These players have been playing the game much longer than you have and it's definitely rigged in their favor. 

• 🔐Write your passwords down in a ledger with your other credentials. Keep the ledger updated. It's easy to store passwords in your Google account or on your devices, but unfortunately this allows a backdoor for someone that has access to your email or your device to now access the account information you have stored on it. No database is 100% safe and hack proof these days, but pen and paper stored in a safe place (not under the keyboard or somewhere people often hide passwords!) cannot be accessed online or through a network account. 

• 🔐Update / change passwords often. This also seems like an annoyance and a pain in the butt that many of us circumvent when password expiration is enforced by our workplace or a specific website. However, changing your password often (and using this opportunity to log out from all devices signed in to that website) can save the headache in the future if someone has unauthorized control / usage of your account. It is important to make each password unique and not a reiteration of the last five passwords, as well. This makes your passwords harder to guess and will kick anyone that you don't want logged into your accounts off of them. Try and change your passwords every 30 days as a general rule of thumb. Avoid common terms and passwords that can easily be guessed. Use combinations of letters, numbers, and symbols (when allowed) to create a difficult to guess password that is also hard to crack, but not impossible. This can significantly reduce the damage of hacked accounts and prevent them, but a determined hacker can always discover the new password. You can never create a hack proof password, but you can make it very hard to do so. 

• 🔐Be suspicious of random calls from banks or seemingly legitimate companies discussing your accounts(s) or requesting sensitive or personal information. The most recent scams have come from seemingly legitimate sources, but they always will either originate from a call or end in one. Scammers know that once they get the victim on the phone they can use charm and intimidation to get the victim to perform the tasks they require from them or share key information they can use against them. Remember, no business, bank, government institution, or legitimate business organization will call you 'out of the blew' without your initiation.

For example, if you request a call back from your financial institution for support and they return your call, that is more likely to be a legitimate call than one made without your knowledge or initiation. Always check the company policies as many will state they will never call you and ask for personal or account information over the phone.

In fact, if you are to receive communications by phone, text, or email from nearly any company in the USA you will have to physically 'opt in' to receive them and those settings can also be verified. 

🔐See this list of the 9 Most Common Call Scams from Synchrony Bank 

• 🔐Beware the Long Cons. Relationship / Romance Scams fit this bill. These scammers are patient, cunning, and will put victims in situations where they may be perceived as an accomplice or they may unknowingly implicate themselves in the crime by laundering money for the scammer or performing other activities to facilitate the scam.

These people often troll dating websites and apps looking for lonely, often elderly singles (but not always - check out this article) that they believe may have a bit of wealth or even younger, accomplished singles - men and women alike. They will create a fake profile that seems appealing to their targets, sometimes even pretending to be celebrities or well known persons, using photos they have stolen from legitimate accounts or tabloids. They will lead the victim to believe that they care about them, develop an ongoing relationship with them, and when they feel the victim is comfortable with them, they will start requesting sums of money for 'travel expenses' or make claims that they need to pay medical bills, can't pay their mortgage, etc. 

These scams can lead not only to financial loss and emotional damages, they have even lead to criminal charges and even death for those unfortunate enough to be caught in them.

Just like a bad relationship, it can be very hard to cut ties with the scammer as they will often retaliate in a nasty way.

If you or someone you know (or you suspect may be) a victim of a scam like this, click here. If you are a dating site / app user and want to know how you can protect yourself, click here. 

• 🔐Verify URLs, do not click / tap URLs in texts from anyone you don't know and double check email addresses before following links or downloading attachments. This is easier said than done and because of the prevalence of these 'phishing' and ransomware scams, scammers have found new ways to get around even the most savvy and vigilant consumers. If you received an unwarranted email or text from what seems to be a legitimate company regarding anything from a missed package 📦 text from USPS or a refund response from Amazon, check the sender - either the email address or phone number. Many times you will notice that the address has some kind of alteration, a misspelling, a dot where their normally wouldn't be, or the attachment/ URL doesn't appear to have anything to do with the alleged purpose of the text or email. If you suspect that you received something strange, always contact the company directly using the contact information on their official website. They will be able to verify the information in their systems (or not).

• 🔐But, do really double check that email address or phone number. Recently, my hometown experienced a scam at a local public highschool that had contracted a construction company to do something for the school. The accountant in charge of paying the invoices received an email from what appeared to be the person they had contracted regarding payment methods for the invoice that they had received. This seemed to be legitimate because the individual had been emailing the contractor back and forth about this the previous day and thought nothing was out of the ordinary when she submitted the cheque using the method the alleged contractor supplied here. The actual contractor eventually followed up and that was when the school realized they had just hired thousands to some account in Africa. This is called interception and it has become more and more prevalent recently. All a scammer needs to do is have access to your inbox or some knowledge of your current communications and affairs to interject their fake email in a way that appears consistent with your conversation. This further reiterates the need to change your password to something hard to guess often and log out of your accounts often along with verification and vigilance. 

• 🔐Update Your Operating System, Apps, and Software. Not everyone needs a complex antivirus license unless you use your home network for work or perform work that includes the usage, viewing, and transfer of sensitive information. Everyone has heard of ransomware attacks against companies and organizations, but the key to preventing these attacks is often very simple. Hospitals, municipalities, and public schools are often prime targets for these attacks as hackers take advantage of the backdoors and exploits within older software and operating systems that have been fixed or addressed in newer updates / versions. Keeping your software up to date on all of your devices can help keep you secure at home and at work. Seems simple enough, yet many big corporations (even our government at times) neglect this simple yet crucial part of device maintenance and security.

The fear that the update may cause data loss or incompatibility issues is largely unfounded when compared to potential ransomware attacks, where, in several cases, victims aren't able to recover their systems even after the ransom has been paid. 

For the record, I am referring to critical updates. Many developers will release optional updates or patches for operating systems and software that you may defer or postpone for a bit (or indefinitely). As Apple has admitted to creating their own system lag and eating memory when it comes to updates for their older devices, it isn't a surprise that Apple users are the most apprehensive to do so. While Apple devices are considered secure due to the nature of the operating system and encryption, these devices can still be hacked and more and more exploits are becoming available for Apple software. So don't wait, do the update. 

• 🔐If they want a wire transfer or gift card payment, It's not legitimate. Back in 2015, I worked as a customer service manager at a local grocery store where my duties included lottery printing and redemption, scratch off sales and redemption, tobacco sales, Western Union transfers, payouts, and money orders, as well as being the person that you went to if you needed assistance or had something to return. I typically ran the counter by myself and multitasked, taking several people at once. I remember it was close to Christmas just like it is now and this older gentleman came in the front doors which had him pass by where I was working the front desk. 

He was on the phone with someone and I could tell he was confused and hesitant. He kept asking whoever was on the other end to repeat what they were saying, but I caught the beginning of the call when he came through the doors. This man had received what he thought to be a legitimate email from Amazon claiming that his 'HD Television purchase has been completed'. 

If you guessed it, he didn't buy a TV from Amazon. So this gentleman was thinking someone has purchased this television on his dime somehow and he needs to contact Amazon to cancel the order and get his refund. This is exactly what the scammer wanted him to do. They knew that he would see the email and immediately take action to 'get his money back.' They provided him with a fake number that directed to them where they pretended to be Amazon customer service reps. 

At some point, the scammer had instructed this man he needed to pay a fine to receive his refund. 

The scammer told the man he would accept specific types of gift cards, such as Google Play or Best Buy gift cards. 

When the man got confused and started asking questions, the scammer switched off his nice customer service character and began to lean into this man in an attempt to pressure him to make the purchase.

The scammer wanted to keep him on the phone throughout the process to ensure that he was doing what the scammer instructed. The scammer knows that if they can keep the person on the phone, they are more likely to do what they want. 

I got the older man's attention and waved at him, all but screaming at him over my customers in line to hang up and that it was a scam. Finally, he turned from the gift card rack and saw me. I could see the look of understanding on his face and he shifted gears, "I do not think that we need to be discussing this any further, goodbye," and he hangs up. 

He was shaken, obviously.  He barely muttered a thanks to me before he walked back out the doors. It was understandable. He came really close to making the first move that could have lead to a domino effect. Scammers will always try and get you for more if they have had success.

They will threaten you and make comments that can lead you to believe you and your family are being surveilled even if they gleaned this information from something you posted on Facebook and forgot about. He did come back and thank me in person, face to face thereafter. I was just happy that I could prevent it from happening.

Unfortunately, I have had more instances where the person making the purchase is so intimidated or convinced that they have to do this that they will lie and argue with those trying to prevent them from being taken advantage of, defending the purchase of 5 $500 Best Buy gift cards to even their financial institution, which will often decline this type of transaction initially. 

No legitimate business or company, organization, or independent contractor will request that you pay them in gift cards of any kind. Scammers ask for this form of payment because once it's purchased, it is virtually untraceable. If it doesn't sound right, it probably isn't. 

🔐Another common relevant scam will involve Western Union Wire Transfers. Scammers will request that the victim pays them in a wire for whatever reason. They will usually provide a fake name and dummy address or use another victim's information and have them pick up the funds to provide the scammer another layer of security. These scammers will call pretending to be your utility company or even a government agency, demanding payment for accounts unpaid. As mentioned before, these entities will never randomly call you - even to demand payment. If you are unsure, look up the company or agency in question and verify the information with them. In many cases, you will find that they don't even accept Western Union payments