[woko]

I will tell you about my scam anecdote. I had been receiving an email once every few months for several years about the possibility to create an account on the website of my electricity provider. All of these emails were suspicious because of the very diverse and weird emails used by the sender, usually a slightly different one for each email. After a few years, I thought that these might be legit and clicked on the link provided in the email. I did not put in any personal information, and did not end up creating an account on their website. The week after, I received phone-text messages about some debt payment for electricity bills. I even received phone calls about it. Unless it is a coincidence, the people on the other side of this well-elaborate scam had to know my email and my phone number, and started the phone scam after they noticed I fell through the email scam. They tried to get me to pay their fake debt, which had always the same ID number, but a different amount of money to pay each time (sometimes lower than before). And they did not know my name: I know this for a fact thanks to the brief amount of time I spent on the phone with one of them. They thought I was someone else. They kept spamming my phone with text messages and phone calls around 8 a.m. or noon, once or twice per week. After ~9 months of them being blocked by me (I could only block the phone calls, the text message still went through, because they went through some kind of public advertising proxy with 5-6 digits), they completely stopped.

So yeah, rule number 1 of email protection should be: do not tell the scammer/spammer that you actually use this email address. In case of a doubt, click the "spam" button, block the address, but do not click "unsubscribe." Only click "unsubscribe" if you trust the sender, because once you have done it, your email address is suddenly worth a lot more, especially to bad actors.