A client just got this email (the circles are ours, of course):
It is not from Charles Schwab. Nor has Charles Schwab been hacked. Scammers target companies like Schwab due to their ubiquity. Think Apple, Amazon, FedEx…they are all so big and so widely used that scammers just hope you use these companies and believe the email is real.
Here are the signs of the scam, going from top to bottom. First, the sender email is “.click”. Schwab is only ever “.com”. Second, the link has the same issue, but this time it’s “.ink”. Third, to be sneaky, they left the four blue links as they should be, pointing to https://schwab.com/. Lastly, we have yet to receive an email from Schwab where the whole address wasn’t listed, including the street and zip code.
If you’re not 100% sure of an email’s origin, do not click anything. If you think it might be relevant, forward it to us. We’ll help you.
Lastly, some of these scams are generated by probing your email, which means your account has been compromised. Change your password immediately just in case, and ALWAYS use 2-factor authentication (security questions are OK, but having a code sent to your phone is best).
Cheers,
Your Team at Great Oak