Hackers are taking advantage of AI to send phishing messages that are virtually impossible to tell from a legitimate message.  Now more than ever we need to be very cautious about e-mail - and never click a link in a message unless you have verified the message is from someone you know - and not someone posing as your friend, colleague, or vendor.  Even then you should try another way - go directly to the website through your web browser and avoid the link entirely.

Invoices are still an active scam: if you get an e-mail "receipt" for a purchase you did not make, delete it.  If you call the number or reply, you are only opening yourself up to a scam.

We cannot stress enough how important this is.

If you call the number listed on your screen or reply to the e-mail, you may be asked to provide:

• Your full name, street address, and e-mail address
• Your credit card number
• Your e-mail password and MFA code
• As much personal information as you are willing to share

Sharing your e-mail password is the most difficult to recover from - your credit card is protected by the issuing bank and charges can be reversed quite easily, but recovering from a stolen e-mail account is extremely difficult, especially if you use Microsoft, Google, or Yahoo and do not have multi-factor authentication enabled.

Any data they collect - especially personal data from those who like to share their life story with anyone who will listen.  The more details you give them about your life, the more they are able to exploit you and your friends in the future.

The best solution?  Delete any messages you are suspicious of.  If you think they may be legitimate (or not), call the person who "sent" it to you to verify before clicking any links in the message.