An author emailed me today, providing his complete login information for another website. He wanted my help “fixing a problem” he was having on there. We have a strict policy against logging into websites as other people. If they send us login information through their author account in BookLocker’s system, we immediately delete that text from the messages. If they email the login information to us, when we respond, we delete that information from the reply email.

What are things we see over and over again that can put a writer’s or author’s identity and finances at risk?

1. They email their credit card information to us. Yep! The entire number, expiration date, and security code. What if they sent that email to the wrong person by mistake? However, this is a much more likely scenario:

“Scammers get your email through data breaches, email harvesting bots scraping the web, social engineering (tricking you into giving it away via fake sites/emails), buying stolen lists on the dark web, or from public posts on social media/forums; they then use it for phishing, spam, or account takeover attempts…” – Google

Once they get access to your email account, they can see all of your “sent” emails.

2. They email their Paypal login information to us. Yep! The username and password. For the same reason as above, they can have their Paypal account stolen. The thieves just need to login, and change the password, locking the author out of their own account.

3. They email their full name, bank account number, and routing number. Yes, it happens ALL the time! It’s a forehead slapper for sure!!

4. They email their login information for any site at all. For example: “Can you login to my bank account and see if I paid that fee to you?”

5. They hand over control of their accounts for any site at all (Amazon, social media, and even the author’s own website), thinking they’re hiring a professional to help them out. This happened to an author who will be on our podcast after Christmas (Episode 21). Since she refused to pay them more money (she’d already spent thousands), they have locked her out of her own website and her social media accounts. They simply logged in, and changed her passwords. She was able to get into her Amazon account before they did and she changed the password there. She said they were FURIOUS when she did that. If she hadn’t done that fast enough, the scammers would be getting her royalties now instead of her.

6. They let a shady relative or “friend” use their computer.

Years ago, I was contacted by one of our authors. Except, it wasn’t him. It was the author’s son. He wanted to change where the royalties were being sent. I smelled a rat so I logged into the author’s account, and copied/pasted the message into the author’s account. I heard back quickly from the author. He confirmed the email had NOT come from him and he knew his son was trying to steal from him.

In a similar scenario, we receive emails daily from scammers who claim they are one of our authors. The emails state that they want to change their banking information for their “paychecks.” Well, first of all, I always check the email address. It’s always one of our author’s names but the email is always different. Second, we don’t send out “paychecks” to authors. We make royalty payments. Scammers can be sooooo stupid.

7. They share their login information for any website or account at all with a family member or “friend” who is not honest.

One author contacted me last week. He’s an elderly fellow. He told me his son was a criminal, and had got on the author’s computer, and stolen all of his login information so he could steal from his dad. The author was deeply distraught. We changed his email address and password in our system so the son couldn’t login to his dad’s account. The dad had to change his email address because the criminal son ALSO had access to the dad’s Gmail account. I felt so sorry for him but there was nothing else we could do to help him, other than giving him advice.

A friend of ours almost fell victim to a disturbing scheme just last week. He was having a problem with Microsoft. He went on Google to look up the phone number. Well, surprise (not!), the website he clicked on had the wrong phone number for Microsoft. It looked legit, complete with the Microsoft logo! He called, and followed the man’s instructions. Before he knew it, the hacker was IN his computer. He could see windows opening left and right. He immediately hung up the phone, unplugged his computer, and turned off his wifi. He then opened his computer and, while it was offline, he changed the password needed to access it. Then, he had to spend hours running virus scans from multiple types of software because he didn’t know if the scammer had put malware on his computer.

If you need a phone number for a service provider, login to your account on their website. Do NOT use Google to try to find the phone number.

And, never, EVER share your username and passwords online!!

RELATED

• EXTREME WARNING! Authors Hike / AuthorsHike.com is Now BLACKMAILING an Author!
• Scammers are Highjacking Authors’ Accounts, and Then Blackmailing Them!
• Money Mule! Has Someone Online Asked You to Innocently Accept Money on Their Behalf? By Angela Hoy and James M. Walsh, Esq.
• It Sounded Too Good to Be True…and It Was
• Are You Going to Pay Me…or Scam Me?

Read More "Ask The Expert" Articles