In honour of Cybersecurity Awareness Month, we’re sharing real stories from people who faced online threats. Today’s focus is scams and phishing messages, which cybercriminals use to trick you into revealing sensitive information or downloading malware.
Scott’s Story: The Fake Phone Call
Scott received a disturbing phone call that seemed to come from his cousin, Joey.
“My cousin Joey called, claiming he had been pulled over for driving under the influence and was now in jail needing bail. The caller sounded exactly like Joey, complete with his Boston accent. He even mentioned my dad’s name and recalled a past incident involving his father, which supposedly my dad had helped with.”
The details made it feel authentic: the voice, the urgency, even background noises mimicking a jail processing area. But Scott noticed red flags:
- He hadn’t been in touch with Joey for a long time, making the sudden call unusual.
- The story about his dad helping Joey’s father didn’t match reality.
- When Scott asked to speak with an officer or get contact information for the jail, the caller hesitated.
The scammer had done their homework, using family details and an impressive impersonation. With AI tools advancing, these kinds of scams are becoming even more convincing.
Lesson: Establish a family safe word. A shared code word or phrase helps verify identities and prevents criminals from exploiting urgent, emotional situations. Always double-check stories through another channel of communication.
Victoria’s Story: The Phishing Email
Victoria encountered a suspicious email at work that claimed to be from an e-fax service. Instead of clicking immediately, she used the SLAM test:
- S (Sender): The email address did not match the company it claimed to represent.
- L (Links): Hovering over the links showed they all led to the same suspicious address.
- A (Attachments): Instead of real attachments, there were only fake image previews.
- M (Message): The tone was generic and urged her to click the link.
“At this point, I knew something wasn’t right. I took a screenshot of the message and sent the photo to our IT and cybersecurity contact, and they confirmed I was right not to click. It was a phishing attempt.”
Lesson: Phishing emails are becoming more sophisticated, but taking a few seconds to analyze with a method like SLAM can make all the difference. Trusting your instincts and slowing down can prevent a costly mistake.
Key Takeaways
- Scams come in many forms: phone calls, text messages, or emails.
- Cybercriminals rely on urgency, fear, and impersonation to trick people.
- Use protective strategies: safe words for family and methods like SLAM for emails.
- When in doubt, verify through a separate channel and report suspicious activity.
Cybersecurity is everyone’s responsibility. Stay alert, trust your instincts, and remember: pausing to think can be the best defense.
Want to take your cybersecurity awareness to the next level? Share these tips with your family and coworkers today. Talk about creating a safe word, practice the SLAM method, and encourage everyone to slow down before they click.
If you’d like more cybersecurity best practices, contact our team for resources, training, and support to keep your personal and professional data safe.