/always/ reach out independently to verify anything involving sensitive info
- do not confirm anything for anyone over the phone if /they/ called /you/
- this may sound overly cautious, but consider:
that email might not be from your bank even though it says it is
the phone call with your daughters contact picture and number might not be her
the text from your brother might not be him
worse of all, even if you hear your loved one’s voice, it might not be them
- there is basically never a reason to click a link in an email or text message
you should instead go sign-in to your account and see anything you need to see there
- do not trust anyone reaching out to you; instead /you/ reach out to /them/
do not trust /anything/ someone reaching out to you says
(this includes family if they are asking for money, login info, address, ssn, etc.)
instead, use a separate, known correct way to reach out and verify
go to the known website (password manager can help) or use a known number or email
stay informed about new scams and new scammer capabilities
- a great news source for this is: https://www.malwarebytes.com/blog