Alert
Close

Multiemployer pension cuts and what you need to know about pension provisions in 2015. Learn more

Scam Alert

Spammers Get Up Close and Personal

'Spearphishers' address you by name. Here's how to protect yourself

En español | You may have noticed that your email inbox has less spam — you're getting fewer offers to sell cheap pharmaceuticals or help a deposed Nigerian prince.

Yes, the volume of junk email is down — dramatically. Symantec, which makes Norton antivirus software, estimates that spam peaked in July 2010 with an average 225 billion messages sent each day, compared with less than 50 billion a year later.

See also: Don't get hooked by a phishing expedition.

Gold fish and hook - Five ways to avoid email spam

In spearfishing, scammers try to hook you with a personal touch; using your name, for instance. — Photo by Corbis

Some of the credit goes to law enforcement and corporate cyber-cops for busting major criminal networks that were sending the stuff out through "botnets," home or business computers that have been stealthily linked to forward spam.

In April, the FBI helped seize control of one botnet, called Coreflood, and scrubbed 19,000 computers infected with its spam-sending software. And in the same month, Microsoft managed to dismantle the infamous Rustock botnet, which once distributed nearly half of all spam.

Targeting you

But there's another reason for the drop: The crooks are narrowing their targets.

Rather than sending out masses and masses of generic, one-size-fits-all messages and hoping to hear back from just a tiny fraction of recipients, they are shifting to lower-volume but more personalized attacks. Their emails are addressed to you alone and appear to come from people you know.

The new tactic is called "spearphishing." And its personal touch pays off.

Between June 2010 and June 2011, according to a report by the network company Cisco (pdf), money that spearphishers squeezed out of victims quadrupled from $50 million to $200 million. During the same period, money made from traditional spam dropped from $1 billion to $500 million.

Scammers realize that these days you're likely to ignore a "Dear Friend" request asking for your bank account number. But when the same request comes in an email purportedly from your bank — and addresses you by name — the odds greatly increase that you'll give the sender the hoped-for response.

The same applies to a "Dear Mr. [your name here]" letter asking for your credit card number because of an alleged problem with a recent purchase and noting details of that transaction. It's much more credible than one that's addressed "Dear Customer" and that contains no personal details.

How do spearphishers get your particulars? Sometimes, the info is collected on social networks such as Facebook or Twitter, which, in addition to revealing your friends and family, could include posts about that new camera you purchased at the mall last weekend. Or maybe your employer's website lists your name and those of coworkers.

Other personal information can come from data breaches — the hacking of big institutional computers — and from the cyber-crime black market that has a wealth of information about you and companies with which you do business.

Five ways to avoid spearphishing

  • Always maintain a healthy dose of suspicion about email that names you, just as you should with generic come-ons. This is rule number one for preventing the "friendly fraud" of spearphishing scams.
  • Keep in mind that banks, government agencies and legitimate businesses don't send emails demanding that you update personal information or provide financial account or Social Security numbers.
  • If an email appears to come from a friend and suggests you click on a link, a quick phone call to that friend makes for easy verification.
  • Be less social on social networks. Don't easily accept new "friends" or readily post potentially exploitable details of your life or those of your family and friends.
  • Watch for "scammer grammar." Spam has changed, but tone and style haven't. Spearphishers often operate from overseas and aren't native speakers of English, so look for frequent misspellings and word misuse, the giveaways of old-line spam.

Also of interest: Fraud alert or credit freeze to fight identity theft? >>

Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.

Topic Alerts

You can get weekly email alerts on the topics below. Just click “Follow.”

Manage Alerts

Processing

Please wait...

progress bar, please wait

Tell Us WhatYou Think

Please leave your comment below.

The Cheap Life

Jeff Yeager Cheap Life Ultimate Cheapskate AARP YouTube web series save money

Catch the latest episode of The Cheap Life starring Jeff Yeager, AARP's Ultimate Cheapskate. Watch

Discounts & Benefits

From companies that meet the high standards of service and quality set by AARP.

Life insurance: you are covered rain or shine

Exclusive annuities for members from AARP Lifetime Income Program from New York Life.

AARP Credit card from Chase

Members can get cash back rewards on purchases with the AARP® Credit Card from Chase.

Homeowners Insurance
Member Benefits

Join or renew today! AARP members receive exclusive member benefits & affect social change.

Rewards for Good

Your Points Balance:

Learn More

Earn points for completing free online activities designed to enrich your life.

Find more ways to earn points

Redeem your points to save on merchandise, travel, and more.

Find more ways to redeem points

Advance your skills. Transform your career.

Explore your learning possibilities.