There’s a new money-stealing scam that you need to watch for. It ditches the traditional method of attaching malware to an email or cold-calling you with some bogus scam. Instead, the scammers expect you to call them. Keep reading to learn how this tricky scam works so you can avoid falling victim.

Here’s the backstory

Phishing emails typically follow the blueprint of including malicious links or attachments that, if clicked, will infect your device with malware. But this new technique is downright devious. Thieves are now sending emails to unsuspecting victims that look like an invoice for a purchase they didn’t make. Instead of including a malicious link, the email provides a phone number you can call if you have questions about the purchase. And, since you didn’t make the purchase, of course, you have questions. That’s when the scam kicks in. If you call the number in the email, you’re connected to a call center staffed by thieves. The fake staffers will explain that you’ll need to download a support tool to resolve the issue. The thing is, it’s not a real support tool. What it actually does is give criminals control of your device remotely. This allows them to work behind the scenes to steal personal information on your device. This could include personal information about your life and credentials to online accounts, including your bank. It can lead to identity theft and even the draining your bank accounts. According to Palo Alto Networks, they don’t stop there. Once they have your details, they send you an extortion email. They include information about you that they shouldn’t have, making you feel a sense of urgency. They tell you they will post your sensitive data online if you don’t pay a hefty fee. Yikes!

What you can do about it

The odds that these types of schemes increase are great. It’s an easy ruse to pull off, and thieves like to copycat others. Your best move is to know how to handle these types of phishing emails before you get one. Here are a few ways to avoid falling victim:

Stay calm if you get an invoice for an item you didn’t purchase. Don’t click links included in the email, and do not call the phone numbers it provides. Instead, contact the company through official channels to discuss the issue. If there was a genuine mistake, ensure that you call the company’s official phone number by looking it up on its official website.Don’t click on links or attachments you receive in unsolicited emails. They could be malicious, infect your device with malware or steal sensitive information.Ensure that your computer or mobile phone’s operating system is updated to the latest version to help protect against security threats.Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Money tight? Tricks to help you save big on holiday gifts Shopping for holiday decorations? Don’t fall for this online shopping scam