Spam Season Is Here: Real-World Lessons for Smashing Online Pests

Published by Dan on

Neon “SECURITY” sign with arrows, symbolizing defense against phishing and other online pests.

My lawn looks like it has rained every day for the last three months. I may have cut more weeds today than grass, and the fungi in the mulched flowerbeds are as abundant as the attacks in my messaging apps.

In this spam season phishing surge, if you have a phone number, chances are you’re being subjected to the latest onslaught of spam SMS messages. It’s a rare day when I do not get at least a couple of messages inviting me to apply for a job or update package delivery instructions.

The latest attempt to attack me came as an email letting me know a form had been submitted on my website. Along with an email address, the message simply read:

I’m are interested in your offer, Please send me details on my Whatsapp: 1 ### ### ####

Fantastic, I thought. Somebody wants a hand with setting up a password manager or getting started with an AI tool.

I almost opened WhatsApp and started a conversation until I remembered why I stopped including the channel on posts. The app is a favorite of hackers and scammers, and can be used to inject malware onto a device.

So what did I do?

I followed one of the recommendations for how to protect yourself from data theft: I contacted the person through a different channel. The sender had included an email address, so I emailed them instead.

Surprise! The message bounced back

One hack averted. And while the bad grammar should have been a red flag, I hope I’m as prepared for the next one as my father was in a similar situation.

Even A Friend Can Lead to a Hack

Dad told me an interesting story last week.

He’d received an email from a friend with an odd message. The message asked Dad if he ever used Amazon.

It sounded as odd to me as it did to my father. Thankfully, instead of replying to the email, he called the friend.

When Dad told him why he was calling, the friend laughed. He said he had already gotten a call from another friend asking him the same question.

Somewhere along the line, Dad’s friend had their contact information stolen. Now, a hacker is impersonating the person to try to dupe people.

I explained to Dad that, if he’d replied to the email, he likely would have been asked to send an Amazon gift card or something else. Then we talked about how it’s best not to respond to odd emails and just call the person instead.

If you’re not talking to your parents about how to stay safe online, this is a good explainer the Family Online Safety Institute with some quality tips for getting started.

Give Gemini Something to Remember

After I wrote about the Google Gemini artificial intelligence bot not including sources in its results, I continued to experiment with it. Recently, I found, under “Settings and help” in Gemini, a section titled, “Saved info.”

In my session, the area was blank, but instructional text indicated I could tell Gemini things I wanted it to remember. So I gave it a shot.

Screenshot of a chat with Google Gemini: the user asks, ‘How do I remind you to always provide links in your responses?’ and Gemini replies with suggested prompt phrases to include links consistently.

After that little chat, I checked the “Saved info” section again.

Screenshot of Gemini’s ‘Info that you asked Gemini to save’ settings page showing the user’s saved preference: ‘Always remember to provide links in your responses when we chat.’

True to its word, my Gemini conversations now include links to sources.

And while I think this should be on by default, Google desperately wants to keep us in its systems instead of linking out to other websites. The good news is, for now at least, a user can force Gemini to provide source links.

Verify. Don’t Trust.

Three short stories with three simple lessons:

  1. The unexpected message may be more dangerous than you expect. Watch for bad grammar and never blindly follow a request from a person you don’t know.
  2. Even when you think you know the message sender, validate the request through a different channel.
  3. Even with AI, never just take the output at face value. Always check the sources.

Take the time to protect yourself every time.

Photo by Peter Conrad on Unsplash

Categories: Online SafetyPrivacy
Tags:

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Silhouetted commuters waiting on a train platform, symbolizing the frustration of waiting for missing two-factor authentication codes.
Online Safety

Why Your Two-Factor Codes Never Arrive — and How to Fix It

Have you ever tried to access your bank account then sat and waited for a verification text message which never arrived? You’re not alone. I just dealt with this multiple times this week. And you’re Read more

Vintage-style clown pointing at viewer with text: “Don’t Clown Around With Your Digital Privacy.” A privacy-themed parody of Uncle Sam posters.
Online Safety

Don’t Clown Around With Your Data: Take Control in Six Minutes

I met a friend for coffee a few months ago. They mentioned some of my earlier posts about online safety, then said something which has stuck with me like a poppyseed lodged in my gums: Read more

A concerned boy holding an oversized car key stands in front of a futuristic AI-marked pickup truck, as shocked parents look on in the background.
AI

Gemini AI for Kids: Why Parents Must Slam the Brakes

Google effectively just handed preteens the keys to a digital Ford F-150 and told parents it’s their responsibility to keep their kids safe. In an email to parents last week, as reported in The New Read more