How Scammers Can Use Your Email Rules, sometimes called Filters, Against You.

This is something that I have seen many times. A scammer will somehow get access to your email and then they can send emails from your account without you even being aware of it. In fact, they hide it from you. They can carry on conversations with others right from your email and you will never see it.

First let me explain what rules are in email accounts. These are instructions to help you manage your email. You can set up a rule for instance, to move any email from “John” to the folder “John.” These rules can be very helpful if you receive a lot of email and there are some that you need for future references but don’t necessarily need to see them when they arrive. I always get an emailed receipt when I buy anything from my computer supplier. I don’t need to look at these emails, I just need them for documentation if I am ever audited. So, I set up a rule that anytime I receive an email from Micro Center those emails will be moved to my Micro Center folder.

Scammers can do the same thing in your email. They can send an email to your employee that says “Please pay this invoice” in the subject line. In this email they will tell you to follow this link and pay this invoice for them. They can set up a rule that says any email that has “Please pay this invoice” in the subject line, delete the email. They can go into the trash and keep corresponding with your employee about this and you will never know about it.
This is a basic description of how they do it, but you get the idea about how they can steal from companies by using this tactic.

So, how can you protect yourself from this type of scam that has cost many companies a lot of money? The first thing is to make sure your email password is complex and not similar to other passwords that you have and use 2 factor authentication. If you can keep the scammers out of your email you don’t even have to worry about this.

But it is still a good idea to check your rules occasionally to make sure there are not any new rules that can be used against you. I had a customer that was one of the recipients along with others in their company on an email from one of their customers. Suddenly she was not receiving these emails any longer while everyone else was still getting them and they could see that she was listed as a recipient in the emails.

We verified that there was no issue with her email, she was receiving emails from everyone else except this one person. Then we checked her rules in Outlook on her computer and finally logged in online to her email and checked the rules there. When we checked online there were some new rules set up that she was not aware of and didn’t set up.

The scammers were using her account to try to divert payments to another bank. Luckily, we caught it, and no money was sent to the wrong bank. We then deleted these rules, changed her email password, and forced a sign out on all devices. We also made sure there were no rules in anybody else’s email account in the company and we instituted 2 factor authentication to ensure their email accounts remain safe.

If you are familiar with email rules, you should immediately check to ensure there are no extra rules in your email accounts. If you do not know anything about rules and don’t know how to check for fake rules, here is a video where I walk through how to view your rules in Outlook, Outlook online, and Gmail, most other web-based email accounts work similar to these. Check with the company that supplies your email or contact me.

If you would like to receive the Email Scambusters Monthly Report, sign up at the link below. It is a two-step process. Sign up and then click the payment link. The cost is $49.99 per year which is less than one cup of coffee per month. If you need more information give me a call.

Danger – Electricity

Too much electric current can destroy any electronic if it hits it. Computers, routers, printers, and other similar items are especially vulnerable to this due to the electronic boards inside them. During lightning season, this is especially important. This is the main reason to use surge protectors for all of these types of electronics. The purpose of the surge protector is to stop that surge from reaching your components.

Surge protectors have a fuse inside that will break the connection to the connected devices if it is too powerful. That means you only have to replace the surge protector and not all of the devices connected to it. This is great since most surge protectors are less than $100 and most devices connected to them are many times more expensive.

There is also another benefit to surge protectors. Some come with a certain amount of insurance for the items connected to the surge if it fails to protect them. To find one with this insurance you can look on the packaging or google “surge protector with insurance” I found an APC model on Amazon that has 11 outlets on it and offers $250,000 in insurance for connected devices and it only cost $42.99. Make sure you read all of the fine print, but this is just another reason to always make sure you use a surge protector. Yes, your homeowner’s or renter’s policy would probably cover this as well, but these policies also have a deductible that you must pay.

Most people do have a surge protector on their desktop computers since they never move them, and they are always plugged in. But people often forget to plug their laptops into a surge protector since they normally take it with them. Many people just connect it to the nearest outlet. If you carry your laptop around and you are in the habit of just plugging it straight into the wall, consider getting a small surge protector and keeping it in your bag with your laptop. It could save you a very big expensive headache.

Another great idea is to unplug all devices if there is a nearby electrical storm. Even though the surge should protect your components, why should you take that chance if there is a high potential for a surge in the area. If you are going on vacation and will be away for a week or longer why not unplug all components also. It only takes a minute and might save you from the hassle of replacing things when you get back.

Top 10 ways to get a virus or malware on your computer.

Many times, it is your online behavior that allows viruses and malware to infest your computer.  Here is a list of things that you might be doing that can increase your chances of getting a virus or malware.

10. You visit recipe sites and allow the site to install their “print manager”. It only takes a few seconds to copy the recipe into a word document. Then you can save it or print it.

9. You click on links offering free music.  I had a customer try this and he got a pop up that said, “I just stole your sound”, I had to find new drivers to get his speakers working again.

8. You click on the first result in your search even though it clearly says it is an ad.  Many times, the first result, or the first few results in any search are ads. Usually, they have nothing to do with the company you are looking for. These can easily give you browser hackers.

7. In search results you pay attention to the heading and not the URL above it. The heading can be anything the website owner wants it to be. The URL is their actual website. If it doesn’t match what you are looking for, try another link.

6.  You install software using the Express “Recommended” option rather than the Custom “Advanced” option. In reality the custom option will only ask you a few questions and allow you to say no to extra junk.

5. You allow your young children to use your profile which is an administrator when they play their online games. You can easily set up a standard user for them so they can’t install junk.

4. You follow any links that you get in unsolicited emails. Curiosity killed the cat, and it will kill your computer also.

3. You use a free version of anti-virus. Many times, while I am adding a paid anti-virus to a computer it will find malware in the initial scan that the free version never found. With anti-virus, you always get what you paid for so if you paid nothing, you would get nothing.

2. You always play the goofy games on Facebook to find out, for example, what kind of car best suits you. Many times, these “games” are only wanting to use your information to try and sell you something or worse.

And the number one way to get a virus or malware on your computer – You click on the first “download” button you see rather than reading that this button is actually part of an ad.

If you don’t understand any of these items, I would be happy to explain further. Or you can watch this Youtube video

I also have a subscription newsletter that covers things like this on a monthly basis. If you know someone that is vulnerable to scams this would be a great resource for them. If interested here is a link to subscribe to it.

It is time to have that talk…

with your aging parents. The talk about how to avoid becoming a victim of scams.

*The Federal Trade Commission received more than 2.1 million fraud reports from consumers in 2020, according to newly released data, with imposter scams remaining the most common type of fraud reported to the agency. 

*Consumers reported losing more than $3.3 billion to fraud in 2020, up from $1.8 billion in 2019. Nearly $1.2 billion of losses reported last year were due to imposter scams, while online shopping accounted for about $246 million in reported losses from consumers.

*Just over a third of all consumers who filed a fraud report with the FTC—34 percent—reported losing money, up from just 23 percent in 2019.

Your parents grew up in a different time. A time before the technology that is a part of our current daily life, was even invented. They may not understand it and that alone makes them an easier target for scams. They also were taught to be courteous and not rude. Today’s scammers will not stop for courteous responses. You must hang up and not answer when they call back. Your parents need to know that even if the voice on the phone seems like an expert, they should check it out with you or a trusted advisor before giving the caller any information or access to their devices. If the caller won’t wait for that they are definitely trying to scam.

Having this conversation with mom or dad doesn’t mean they are dumb. It means they haven’t been exposed to this newer technology very much and they don’t have the level of knowledge necessary to spot these very sophisticated scammers. Make sure they are aware of this multi-billion-dollar business and that there is no shame in questioning anything they think might be fake.

Here is a list of items you can use to start your talk:


  1. Verify the “From” address is from the domain of the company that supposedly sent the email.
  2. Read the email out loud. Does it sound like other emails you have read? Is there any broken English or typos?
  3. Don’t click on any links, hover over the link to see where it really is going.
  4. Contact the company or individual through their published phone number or the number on their bill, or if it is a friend use another method of communication that you know is really them or contact a mutual friend to verify the story.
  5. If the email claims to be a receipt for a purchase for Amazon or another online retailer, don’t follow any links, or call the listed number, login to your account like you normally would, to check for activity. The same goes for your bank or credit card.
  6. Do you have an account with this company that uses this email address? I occasionally get emails in my email for businesses that I don’t have an account, my wife has the account under her email.

Phone Calls 

  1. Call them back on their advertised number. Look on your last bill from them and use that number. Even if their number shows up on caller ID as belonging to the company.
  2. Never give them a payment over the phone especially an uncommon type of payment like a gift card or Bitcoin. Real businesses and government offices do not require or even allow uncommon payment types.
  3. Don’t give out personal information such as Social Security numbers, driver’s license number, birthdate or account numbers. Since they called you, they should already have this information.
  4. No government agency will call you about some new issue. They will send you a letter.
  5. Technology companies like Microsoft, Dell, HP, Apple or any others will not call you about your device unless you have purchased a maintenance support plan with them. Even if you have a support plan, they won’t call you about something going on with your device. They are not monitoring them in that manner. The only time they will call you is to return a call that you made to them.

Remember, scams are also happening on social media, text messages and can even pop up on your computer uninvited. When it comes to scams of any kind, education and being aware will keep you from becoming a victim.  Remember, if it seems too good to be true, or if it seems really bad, check it with a known source. Never follow a link in an email without first verifying it is real. Never accept an unsolicited phone call. Call them back on their advertised phone number to verify what they are telling you.

After you have “the talk” why not subscribe to my email newsletter – Scam Busters Monthly Report? I will email a copy to you and your parent every month to help you educate them and to continue the conversation. This subscription is normally $50 per year, but I will give both of you the monthly newsletter for this same $50 per year. I have been talking to my parents for years about scams and due to this they have successfully stopped a number of potential scammers. I want the same for your family.

Every month I highlight scams and show how to determine they are scams. I use pictures to show exactly why these are not real messages. I also occasionally interview experts in the industry to get the latest info to all of my subscribers. Subscribers can also look back at the previous newsletters in my archive. In addition to the newsletter, I allow my subscribers to send me emails they are not sure about, and I will tell them if it is a scam or not.


What to do when Microsoft calls…

This has come up a couple of times lately with my customers.  They receive a phone call from someone who claims to be from Microsoft.  This person tells them that there is a problem with their Windows installation on their computer and they need to log in and fix it.

This is what is known as a phishing scam.  Most of the time the person that is called hangs up on the caller; but every so often, they find someone who will listen and follow their instructions.  They will then gain control of this person’s computer and wreak havoc on the machine.  I have heard stories of people paying these scammers hundreds of dollars to “fix” their computer.

These scammers are very convincing, and they will not take no for an answer.  They will continue to demand that you let them fix your computer.  The only way to shut them up is to hang up the phone; even then they will probably call back in the future.  I was at a customer’s house when they received one of these calls, so I got on the phone with the scammer.  I told him that I was the Tech for these people, and I knew he was a scam.  I also told him that Microsoft does not make these types of calls and there was nothing wrong with this computer.  He still would not break from his script to attempt to gain control.  I finally hung up on him.

Here are the facts about Microsoft.  They do not know your phone number.  They cannot monitor the Windows installation of every computer.  They will not call you unless you have called them, and you are in the middle of working with them on a solution to a problem you know you have. 

This also goes for Dell, HP, Toshiba, and any other computer manufacturer.  My dad did find a way to stop them recently when they called him.  He told them they were mistaken because he doesn’t have a computer.  They did not have an argument for that one.

Remember, if you receive a call from any company that you did not call first and they try to get information or access, hang up the phone and call that company at a number that is published for that company.  If you have allowed a company access to your computer and they damaged it or you think they may have added some type of spyware on it, call me.  I have recovered systems that have been damaged by these scammers and I can help you too.

A Few Recent Scams that I Heard About

As time goes by there are more scams designed to take your money. In just the past couple weeks, I have seen all of these. Please share these with everyone, especially anyone that would be vulnerable to the scams.

  1. Tampered Bank Account – People are receiving emails from Bank of America and other large banks telling them that due to recent suspicious activity their account has been frozen, and they need to login here to correct it. Many times, these people don’t even have an account with the bank, and they become concerned and follow the link, or if they do have an account, they think this is legitimate and follow the link. Some of these links can be keyloggers that will then infect your computer and keep track of your passwords etc. At the very least these links are to a page that looks like your bank, but it is not. It is just a page to capture your username and password. If you receive an email like his from a bank that you use, contact the bank through some other means. Call them on a number you have elsewhere or google the bank.  If you do not have an account with this bank, you can call them and verify that they do not have an account in your name, but NEVER FOLLOW THE LINK IN THE EMAIL.  This scam also works with Amazon, Ebay and other retailers.
  2. E-mailing for Cash – My wife recently received an e-mail from a former co-worker’s e-mail account that said she was traveling with her husband and they had some trouble and lost everything they had and needed $2500 to get home.  Of course, my wife did not believe this since this former co-worker is not the type of person to travel like this and the text of the e-mail did not sound like something this person would write.  She sent an e-mail to this person but didn’t reply to the e-mail that she had received.  Sure enough her former co-worker wasn’t traveling and knew nothing about this except that she had received a few similar e-mails asking her about her travel situation.
  3. An elderly friend recently received a call from someone claiming to be their grandchild and said they had gotten into trouble in Mexico and needed $1500 for bail money.  This person became confused and did send the money before they checked with this “grandchild’s” parents to verify the story.  They did get taken and so do many other seniors by this scam.
  4. Phone scams are very popular, I frequently get robocalls from a number that claims to be my utility company telling me that due to no payment my service will be cutoff in 30 minutes unless I pay now over the phone. Since I always pay this bill, I know this is fake and I just hang up. If you get a call like this and you are not sure if your bill is paid, hang up and contact your utility company through a published number. Please know hat your utility company normally doesn’t call you, they will send you a letter. The IRS, Social Security or your local sheriff or police department will not call you and demand money over the phone.
  5. I have also heard of people setting up a fake Facebook page impersonating someone who has many friends and trying to add the person’s friends to the new account for the purpose of exploiting those friends in the future.  If you get a friend request from someone who is already a friend, contact that person another way to verify if the request came from them.

These bring up an important point about Phishing scams; they send out thousands of e-mails and constantly make phone calls looking for their victims.  Make sure your loved ones are aware of these types of scams and make sure you always check with a known source if you receive an e-mail, phone call or request similar to these.