02282024 Outsmart the hacker: Beat Smishing and Phishing using TEAL (Trusted Email Address List version 1)

J0eychnpulpey
Mar 6, 2024

Your first security layer. DAA TEAL!

Very basic and friendly, it took only 20 minutes plus googling and fidgeting with your knees. Now, don’t get overwhelmed about this. Most of us really don’t ever think about whether an email address that was sent to us is legit or not. And unfortunately, some of us rather passively click whatever the sender wants us to do. This is bad. It caused my uncle, a musician, big problems when those hackers hijacked his Facebook fan page. The one thing he’d done was put his email in his profile bio, making it accessible to anyone — even hackers pretending to be Facebook authorities. They demanded he download or click something, and it turned out to be the worst-case scenario. After that, his Facebook fan page was full of sexual images. Damn, I wish Mark could fix this.

We figured out that even the devil pretends to be someone else in order to gain access to your precious digital stuff. These things can be used to take away or steal your identity, to blackmail you, to steal from your bank accounts, or even turn your computer into a botnet or spy device. Let your imagination run wild with worst-case scenarios; one day, you could be broke or homeless. Most hackers want your money; a minority wants to spy on you (maybe a government agency or even your ex). Or there’s the 1% — psychopaths who like to make your life miserable.

Okay, enough is enough. I’d like to share my approach to prevent this from happening. This is the first layer of security; the second and third layers will be handled by your computer (antivirus, firewall, browser, email service provider, operating system, and so on). The first layer is your list of trusted emails, whether it’s written on toilet paper or digital.

“Okay, let’s say you have a list of trusted email addresses, even ones that send potentially less important things like newsletters. But to clarify, does this mean you need to check the sender of every single email you receive against your trusted list, comparing it down to every letter and symbol? I saw a post on Reddit where the original poster (OP) asked for help determining if an email was legitimate.”

https://www.reddit.com/r/PHCreditCards/comments/1b1wh8d/legit_ba_itong_email/?rdt=47151
Nah, hackers can improve this in the future.

“bdo@bdo.com.ph”

“Okay, perhaps this seems legit because it has ‘@bdo.com’ in the address. An average person might think, ‘Okay, this doesn’t seem suspicious.’ But hold on! Do you have a list of verified BDO email addresses? If not, let’s go to the official BDO website and find their legitimate email contacts.”

https://www.bdo.com.ph/about-bdo/learn/stop-scam/official-email-senders

“There are a lot of emails to check. Let’s use Ctrl+F to compare the sender’s email address to our list of legitimate emails and see if it matches.”

“Uh oh, it seems (no doubt) hackers created this email address; they can’t perfectly duplicate the original email addresses used by BDO. Their goal is to sound convincing enough to trick you.”
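The same Ctrl+F comparison can be done by a short script. This is an added example, not code from the original post: the addresses in `TEAL`, the sample `From` headers, and the helper names `sender_address` and `check_sender` are constructed placeholders, so fill the list with addresses copied from each sender's official website.

```python
from email.utils import parseaddr

# Constructed sample list (assumption): replace with addresses taken from
# the official "email senders" page of each organisation you deal with.
TEAL = {"alerts@bank.example", "statements@bank.example", "news@shop.example"}


def sender_address(from_header):
    """Return the real address in a From header, ignoring the display name."""
    _display_name, addr = parseaddr(from_header)
    # Mail addresses are compared case-insensitively in practice.
    return addr.strip().lower()


def check_sender(from_header, teal=TEAL):
    """Classify a From header against the trusted list using exact matching."""
    addr = sender_address(from_header)
    if addr.count("@") != 1:
        return "unparseable"
    trusted = {a.lower() for a in teal}
    if addr in trusted:
        return "trusted"
    # Same domain as a trusted sender but not on the list: the case the
    # post walks through, where the address looks right yet is unlisted.
    domain = addr.split("@")[1]
    if domain in {a.split("@")[1] for a in trusted}:
        return "unlisted address on known domain"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers, not taken from real mail.
    samples = [
        "Bank Alerts <alerts@bank.example>",
        "Bank <bank@bank.example>",
        '"alerts@bank.example" <promo@bank-alerts.example>',
        "",
    ]
    for header in samples:
        print(f"{header!r:55} -> {check_sender(header)}")
```

A "trusted" result only means the address is on your list; the `From` header itself can be forged, which is what the second and third layers (your email provider's checks and so on) are for.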

“Of course, you might wonder why a hacker would target you. Perhaps you have a prominent position in society or a government job (making you vulnerable to espionage attacks). Maybe you’re wealthy but not tech-savvy, making you an attractive target for scammers. Or, it could be someone who simply wants to have fun, like a relative or coworker. The point is, you need to think about where the attack might be coming from. This helps you retrace your steps to figure out the root cause.

If you receive a suspicious email claiming an address update (“Sorry for the confusion, but we updated our email address blah blah blah…”), the best course of action is:

  1. Call customer support using the previous, trusted contact information (phone/email).
  2. Visit the official website and look for new announcements about email updates.

Verification is crucial! Some hackers use demanding language and deadlines to pressure you and lessen your suspicion. That’s all I have for you today. Have a nice day, stay safe, and always stay curious!”

“Wait! Hold on! This isn’t clickbait, I swear. It’s a test to see if you’re truly human. If you DON’T click this link, I’ll give you 1 imaginary chocolate. But if you DO click, your mom will magically give you 2 imaginary chocolates! Hurry! You’re smarter than a monkey — monkeys wouldn’t fall for this! Prove your superior human intelligence by resisting the temptation. Here’s the link: [link]

Remember, be a critical thinker and use your amazing human reasoning skills!”
