phishing scams

How to Arm Yourself Against Dangerous Phishing Scams

Have you gotten this phone call? Caller: “Hi, this is Alan from Vandelay Web Services. We scanned Google for your business and, according to our report, your business is not currently on Google.” You: “Uh… That’s weird because I work with an online marketing company that manages my Google listing for me.” Caller: “Well, your business isn’t visible. Clearly, you need our service. If you sign up with us right now, we’ll put you on Google and hundreds of other sites. You’ll rank number one in a week.” You: “Hmm. That doesn’t sound right…” Don’t fall for it! It’s a scam. We’ve had numerous clients call us with concerns about this kind of sketchy phone call or e-mail. Thankfully, they did the right thing by hanging up and notifying us. As soon as we showed these clients their claimed, fully optimized listings on Google (and elsewhere), they were relieved they didn’t fall for the scam. However, we fear many others have received similar calls or e-mails in the past and never heard those alarm bells go off in their heads. That’s why we wanted to share some need-to-know information about this specific scam, as well as phishing scams in general, with you. This blog post will arm you with the knowledge you need to protect your business, your money, and your personal information. So without further ado, let’s dive in!

The “You’re Not on Google” Scam

In this scam, a business owner receives a phone call or e-mail stating that their business is missing from Google and/or other essential online directories. We know it’s a scam because our own clients are frequent recipients of these calls and e-mails. As our clients, they each have claimed, optimized listings on Google and countless other places on the web. We also routinely check all of our clients’ Google listings as part of our service. So when one of our clients receives a phone call or e-mail stating otherwise, we know right away it’s a scam. However, the perpetrators are skilled at intimidating and manipulating innocent business owners. Their e-mails are aggressive and misleading; their phone calls are pushy and don’t take no for an answer. They regularly scare unsuspecting business owners into signing up and paying for services they don’t need. For these unfortunate business owners, the consequences are brutal. They lose money because they’re paying exorbitant fees for services they don’t need. Moreover, their web presence crumbles because they’ve now given a scammer access to their Google account. It’s like they’ve handed over their keys to a car thief.

The Classic Phishing Scam

You’ve probably seen or heard of this before, but maybe you never quite understood what it meant. First, you need to know the goal of any phishing scam is to obtain personal information from you so the culprit can steal your identity. It can be an account password, credit card number, social security number, or any other piece of sensitive information that will enable the scammer to commit identity theft. You may think, “Well, duh. Just don’t give your credit card number to strangers.” But that’s where these scams get complicated. If you’ve ever received a phishing e-mail or phone call, then you know how sophisticated some of these scams can be. They can be pretty convincing and trick you into believing they’re coming from legitimate sources. Often, they’re posing as your bank, a government agency, or your favorite online platform. They provide a backstory for why they need your information, typically explaining that your account has been compromised or you have an overdue balance—something that will scare you into cooperating. Most often, phishing scams occur via e-mail. However, phishing via telephone is not uncommon.

What Are the Signs of a Scam?

Whether it’s a generic phishing scam or a more targeted scam, the people behind it try to manipulate or intimidate you into sharing your information. Look beyond their story for the following red flags:

  • Request for sensitive information
    • Username and/or password
    • Social security number
    • Bank account or routing number
    • Credit card number
    • Answers to security questions
  • In e-mails, poor grammar and spelling
  • Misleading links
    • Hover your mouse over the link and check the URL. If the URL doesn’t look right (i.e. it has a fake-looking domain name, or it doesn’t go where the link says it’s going), do not click on it.
  • Reference to an action you know you didn’t take
    • For example, you never signed up for their services, or you never entered a sweepstakes.
  • Statements that contradict reality
    • For example, they say you’re not on Google, but you know you are.
  • Unrealistic threats
    • For example, the “IRS” threatens to seize your assets if you don’t send them your bank account number via e-mail;
    • Your Google listing will be deleted unless you pay for x service.
  • Bad gut feeling
    • Trust your instincts! If something feels suspicious or not quite right, delete the e-mail or hang up the phone.

How to Protect Yourself From Scams

  1. Be skeptical. First of all, keep in mind that no bank, government agency, or other reputable organization will ever call or e-mail you asking for account numbers, credit card numbers, social security numbers, or other confidential information.
  2. Go back to the source. If you do receive such a request, google the purported organization before you click, reply, or give any type of response. Go to its website, find the customer service phone number, and call. Once you’re speaking with a representative, summarize the contact you received and ask them whether it’s a real communication from their organization. This will help you verify whether it’s a legitimate request or a phishing scam.
  3. View e-mails in plain text. You can protect yourself by viewing all of your e-mails in plain text (as opposed to HTML). This will expose any hidden URLs that you might have accidentally clicked on if you’d only seen the e-mail in HTML.
  4. Block shady phone numbers. You can download an app like Mister Number on your smartphone, and it will automatically block any phone number that’s been reported as a scam. Or, for Prospect Genius clients, you can use one of our CallTrax™ lines, which block scam phone numbers as soon as we’re aware of them.

Trust Your Gut

We said this earlier, but it bears repeating. If what the caller or sender is saying just doesn’t quite make sense, or the link in the e-mail doesn’t look like a normal link, don’t take any action. Don’t give them the information they want. Don’t click on the link. Don’t pay or sign up for any service. Just hang up the phone or delete the e-mail. Then, give us a call to get our advice. It’s always better to be safe than sorry.