Phishy Emails and Texts: “Account Problem” Scam Alerts

Have you ever gotten an email or text saying something like, “Your account has been suspended due to suspicious activity. Click here to verify now”? Or a message claiming “Unusual sign-in attempt, your account will be locked” with a link to “secure” your account? These phishing scams are rampant in inboxes and phones, and they frequently impersonate big companies that older adults trust – such as Amazon, Netflix, PayPal, Xfinity or your bank. The goal is to make you panic about the security of your account, so you’ll rush to click the link or call the number provided. Scammers either want your login credentials, your money, or access to your device through these fake alerts.

How the scam works: You receive a very official-looking email or SMS. It might have the company’s logo, proper language, maybe even your name. For example, many people report getting texts like: “Free Msg from [Bank]: Did you attempt a $1,000 withdrawal? Reply YES or NO” – if you reply, the scammers will call you, posing as the bank’s fraud department, to extract info. Or an email might say “Your Netflix payment failed, update your info to avoid interruption”. The message includes a link that often leads to a phony login page resembling the real company’s site. When you enter your username and password, it goes straight to the scammer, who now can access your real account. In other cases, the link might download malware. There are also phone impersonation variants: a robocall saying “This is Amazon. We found a $999 charge on your account, press 1 if not you”. If you press 1, a scammer comes on the line, again trying to get your credit card number or remote access to “fix” a non-existent problem.

Perpetrators and motivation: Cybercriminals gangs worldwide send out millions of these messages daily because even a tiny response rate can yield a big payday. They impersonate companies with huge user bases (Amazon has hundreds of millions of customers, for instance) – chances are you do have an Amazon or Netflix account, so the scam seems plausible.

Side note: Amazon itself has been battling this for years.  In 2024, they reported initiating takedowns of over 55,000 phishing websites and 12,000 phone numbers used by scammers impersonating the company. That gives a sense of the scale – thousands of fraud phone lines and sites, often run by organized crime groups. Some scammers also purchase leaked email lists or phone numbers of older adults, figuring they might be less familiar with spotting phony emails. The why is simple: phishers can quickly snag money by tricking you into paying or giving card details, or valuable personal data (passwords, Social Security Numbers, Health Records) which they sell or use for identity theft. They also exploit fear – the fear of losing access to an important service or having your money stolen. As soon as you feel that jolt of anxiety, they hope you’ll click without thinking.

How it can affect you: Falling for a phishing scam can have serious consequences. If you enter your password on a fake site, scammers will often immediately attempt to log in to your real account – potentially racking up unwanted charges or stealing personal info.  If you download an attachment from a fake email, it could be malware that spies on you or grabs your keyboard keystrokes. And if you give out credit card or bank info, obviously it can be used fraudulently. Many people also report a sense of betrayal and embarrassment after being phished – these emails can be very convincing. Older adults have to be especially on guard: a recent study indicated that older age is a major risk factor in falling for deceptive emails, partly because the scammers’ tactics exploit trust and less familiarity with digital trickery.

Indeed, the FTC noted that people lost roughly $1.9 billion in 2024 to scams initiated by calls, texts, or emails – and that imposter scams (like phishing impersonations) topped the list of reported scams.

“Every call, text, or email you receive from an unknown source is potentially a doorway to scammers. Think twice, click once—or better yet, not at all.”
— Eva Velasquez, CEO of the Identity Theft Resource Center, 2024

Stay safe from phishing attempts:

• Be skeptical of any urgent account notices: If an email/text claims “Act now or your account will be closed!”, pause. Real companies rarely communicate that way. Do not click links or call numbers in the message. Instead, log in to your account through your normal app or website, or call the official customer service number you trust. If there really is an issue, you’ll see a notification when you log in legitimately.

• Verify the sender: On emails, check the sender’s address. Scammers often use addresses that look similar to a real one but are off by a letter or have extra words (e.g., netflix.billing@gmail.com instead of an official Netflix.com domain). If it’s not from the exact official domain, it’s a red flag. On texts, remember that legitimate services usually don’t ask for personal info via SMS. For instance, Netflix explicitly warns it will never ask for personal information in a text or email, and banks don’t either.

• Never provide personal or login info via email/text: No reputable company will ask for your password, Social Security number, or full credit card number by email or text. If you’re asked for these, it’s a scam. Don’t fill out forms or reply with codes/pins. Likewise, don’t make payments outside the official platforms – e.g., Amazon won’t ask you to pay for something via a bank transfer or gift card (and neither will the IRS or SSA for that matter).

• Use multi-factor authentication and strong passwords: This is more of a damage control tip – enabling two-factor authentication (2FA) on your important accounts means even if a scammer steals your password, they likely can’t get in without that second code. It’s an extra layer of defense. And using unique, strong passwords (with a password manager if needed) ensures that one phished password doesn’t unlock all your other accounts.

• Keep your computer secure: Don’t worry, if you’re signed up for our Guardian Geeks To Go Security, we do this for you.  Our service includes regular updates for programs, browsers, drivers, and your operating system. Using top-tier, business-grade security software and 24/7 virus monitoring, combined with thorough monthly visual checkups, we offer the most comprehensive computer security available.

• Remember: The best place to do online banking and access other sensitive information is on your computer.  Phones and tablets don’t have the same level of security available.  Which is why we’ve seen a rise in phone scams.

If you think you did click or divulge info in a phishing scheme, take action immediately: hang up the phone and turn off your computer immediately.  Then give us a call so we can sort it out.  Once we sort things out, we’ll help you change any passwords you shared and notify your bank if you gave out financial info.

• You’re not alone or foolish – these scammers are very convincing.  Don’t let embarrassment stop you – report the scam (you can forward phishing emails to report@ “the company’s domain” or to the FTC). Quick reporting helps companies take down fake sites and warn others. Remember, these scams are incredibly common – AARP has their own fraud awareness podcast now.  Even tech companies and banks are stepping up to combat these scams (Amazon’s 2024 campaign with senior organizations is one example). Staying informed and cautious is the best armor against this constant online violation.

Have questions or need help? If you’re ever unsure whether an email, text, or pop-up is legitimate, reach out to us here at Geeks To Go!. We’re here to assist you in verifying scams, securing your devices, and answering any concerns. Don’t hesitate to give us a call or even forward a suspicious email to us– we’re your partner in staying safe!