How to Spot Safe Senders & Bad Apples

What do autumn orchards and cybersecurity have in common? Just like picking the perfect apple, it’s important to be selective when clicking links, opening attachments, or trusting senders! A great reminder to Stay Cyber SMART this Cybersecurity Awareness Month:
- Set strong, unique passwords.
- Make multifactor authentication a habit.
- Avoid risky links, attachments, and senders.
- Regularly do software and device updates.
- Take care with personal info.
It Starts With Trusting Your Instincts
Ever get an email that screams, “URGENT! Your account has been suspended—click here immediately!” and your gut just says, “Hmm … something’s fishy”? Trust that feeling. It’s your personal cybersecurity instinct leaping into action, kind of like spotting a worm in what looked like the perfect apple. If it seems off, don’t take a bite.
Let’s decode the scams, spot the red flags, and learn how to slam the digital door on sneaky cyber crooks.
Take a Bite Out of Social Engineering
Criminals have evolved from hiding behind ski masks to hiding behind suspicious links, spoofed phone numbers, and more. This is called social engineering—when bad actors manipulate you into handing over personal info or clicking something you shouldn’t.
The three biggest baddies on the block:
- Phishing (email): “This is your boss. I need gift cards. Now.”
- Smishing (text): “Your package couldn’t be delivered. Click here!”
- Vishing (voice call): “This is the IRS. Pay now or go to jail.”
Sounds dramatic, right? That’s because it is—on purpose. Scammers think you’re ripe for the picking, and they’ll rush you like a runaway hayride so you don’t stop and think.
Spot the Scam: Red Flags to Watch For
If you spot any of these signs, don’t click or respond:
- High-pressure urgency—“Act now or else!” (A classic rotten apple tactic.)
- Strange links or unexpected attachments—Hover before you click. If the link looks like http://not-your-bank.info.ru, maybe don’t click it.
- Sensitive info requests—No one legit will ask for your password, Social Security number, or banking info by email or text.
- Unknown senders or weird email addresses—“ITSupport@reallegitcompany.biz” isn’t fooling anyone.
- Odd language, grammar, or tone – “Dear esteemed user, your computer have virus” = alarm bells.
Real-Life Risky Business: A Tale of Two Emails
Email 1:
Subject: “Update Required—Your Account Will Be Locked”
Looks like it’s from Microsoft. The logo’s there. The email says your account is in danger. But wait—the sender is “support@micros0ft-security.help.” One little typo, one big red flag. Like an apple that looks perfect until you notice the soft spot.
Email 2:
Subject: “Look at this funny dog video!”
It’s from “Cousin Tammy.” You click. Instead of a corgi doing yoga, it installs malware. You’ve been doggone duped—and now your device has a worm that’s not from the orchard.
Your Click-Safe Survival Guide
Here’s how to outwit the scammers and keep your digital harvest healthy:
- Slow your scroll. Pause before clicking anything, especially in messages that feel off.
- Preview links before you click. On a computer, hover your mouse over a link to see the real destination.
- Verify through trusted channels. Think you got a message from your bank? Call them using the number on the back of your debit or credit card—not the one in the message.
- When money’s involved, make the call. If someone you know emails asking for money, wire transfers, or invoice payments—even if it looks legit—call them directly to confirm.
- No clicky, no tricky. Don’t open unexpected attachments, even if they claim to be invoices, receipts, or “important updates.”
- Report, don’t forward! Sharing a scammy email with friends just spreads the danger. Report it instead—don’t pass the bad apples around.
Stop the Scam: How to Report Phishing, Smishing, & Vishing
If it smells scammy, it probably is. Whether you’re at home or at work, here’s what to do:
At Work (for NDIT Team Members and State Workers)
Use the “Phish Alert” button in Microsoft Outlook, or contact your IT support team directly. They’ve got your back—like a trusty apple picker on ladder duty.
At Home
If you encounter a scam, report it to the Federal Trade Commission at ReportFraud.FTC.gov. Also, be sure to mark scam texts as spam on your phone, block suspicious numbers, and report robocalls whenever possible.
When in doubt, report it out. It’s better to flag a message than to fall for one.
Final Thought: Pause. Think. Then Click.
Clicking a single bad link doesn’t just put you at risk. It can compromise your identity, finances, workplace systems, and even the state services North Dakotans depend on daily.
This week, challenge yourself and your family to a “Scam Spotting Showdown.” Pull up your inboxes and texts, and see who can find the most red flags. Winner gets bragging rights, a safer digital life, and maybe a slice of apple pie for good measure.
And remember—when it comes to scams, if something smells phishy, it probably is. So stay alert. Stay safe. Stay Cyber SMART.
How you like them apples?!
