Don’t Post a Screenshot of Your Incentive Payment Online
I have not yet passed the IRS incentive test; Every time I check the site of the Get the My Payment ( Getting Paid) the IRS, I get the message “now we can not determine your eligibility for payment.” I’m not the only one on this particular pickle, which is why people went to sites like the Reddit r / incentive subreddit to share their frustrations with incentive testing.
Sadly, some people have also shared photos and screenshots – from envelopes with receipts for incentives to direct deposit announcements.
To my credit (pun intended), I have not seen anyone post screenshots or snapshots of actual bank account information. However, as Julia Glum explains at Money.com , even a screenshot of the crossed out credentials can be enough to make you a target for scammers:
Imagine that you are on a Facebook group trying to spread the news that your incentive check has been successfully transferred to your Chime account . You include a screenshot of your recent transactions, and while the only part you’re trying to share is the line that shows the IRS payment on Wednesday, viewers can also see that you spent $ 10 at McDonald’s on Tuesday and $ 50 at Walmart. on Monday.
Scammers can use this information about your spending habits to create a believable phishing email. By impersonating these brands, they can lower your security and then retrieve your credentials.
I don’t know about you, but I have received a lot more phishing emails over the past few weeks. Here is an email I recently received from the email address “email@example.com”:
Yes, I understand the irony of posting a screenshot in a message urging you not to post screenshots, but this is what the phishing email looks like and the only reason I didn’t click the Confirm Information button was because I checked both email addresses. mail and mailing address that the scammers were thoughtful enough to include at the end of the letter: “Canterbury, 19 Copsey Place, Avondale, Oakland 1026, USA.”
As Glum points out, scammers can also target your newly deposited incentive money by checking your responses to those viral games on Twitter and Facebook where you reveal your superhero name (or the name of Jellicle the cat, or whatever) by choosing from a list of words that match your birth month and date of birth. Scammers don’t need to know your account password as long as they have enough information to request a password reset – this is another reason why you should set up two-factor authentication on as many of your online accounts as possible.
So go ahead and tweak your TFAs if you’re still waiting for your incentive money to arrive – and when your check finally arrives, keep it on the screen.
And if you get a realistic email asking you to sign in to your account or verify your account details, check your email address before clicking or clicking on anything.