A 55-year-old Michigan woman who won $3 million playing the Michigan Lottery could have missed out on claiming her prize if she hadn’t checked her spam folder.
The Michigan Lottery on Friday published the story of Oakland County resident Laura Spears, who found out via her spam folder that she had won a $3 million Mega Millions prize in the Dec. 31, 2021, drawing.
“I was looking for a missing email from someone, so I checked the spam folder in my email account,” Spears told Michigan Lottery Connect. “That’s when I saw an email from the Lottery saying I had won a prize. I couldn’t believe what I was reading, so I logged in to my Lottery account to confirm the message in the email.”
Spears then claimed her prize at the Michigan Lottery headquarters in Lansing. She told Michigan Lottery Connect, “It’s all still so shocking to me that I really won $3 million!”
“I definitely added the Michigan Lottery to my safe senders list just in case I ever get lucky enough to receive another email about a huge prize,” added Spears, who said she will use the prize money to retire early.
While Spears’s venture into her spam folder produced a happy ending, hers “seems to be a classic example of the exception that proves the rule – in this case, don’t believe emails that sound too good to be true,” said Jeremy Grant, managing director in the law firm Venable’s cybersecurity practice, in an email.
Most people who receive emails, letters or phone calls telling them they’ve won the lottery are more likely to be the target of a scam. Lottery fraud is common in the United States: Of the more than 600,000 complaints of fraud the Federal Trade Commission received in the third quarter of 2021, scams that used prizes, sweepstakes and lotteries as bait were the third most common, generating a total loss of $56.3 million for the consumers who fell for them.
Not all lottery scams come in the form of an email, and the tactics can vary. Some are phishing attempts, “a social engineering tactic aimed at getting money or sensitive information from victims using an enticing ‘hook,’ ” says Eric Wenger, senior director for technology policy at Cisco Systems. “Another common approach is the ‘dire warning’ that threatens terrible consequences if it is ignored” and that leverages “consumers’ anxieties . . . to steal credentials and rob consumers,” Wenger told The Washington Post in an email.
Jake Harris, player relations manager at the Michigan Lottery, said via email that “the Lottery encourages everyone to be vigilant regarding emails they receive.” In Michigan, only consumers who buy a lottery ticket or play a lottery game can win a prize, he said, and only those who buy a ticket online can register to receive email notifications about it.
“In cases like this, the email prompts the player to check their Lottery account for further instructions on how to claim their winnings, or to contact the Lottery’s customer support team for more information. The email did not detail the prize amount won or ask the player to pay money to claim the prize, which is often the case with email-based Lottery scams,” Harris told The Post.
According to the Better Business Bureau (BBB), the victims of lottery fraud are often “older people who are dreaming of a big win or a financial windfall in their golden years.”
The coronavirus pandemic made things worse, according to the BBB, which notes that financial losses reported to the Federal Trade Commission, the FBI and the Canadian Anti-Fraud Center “rose dramatically in 2020,” as many people were stuck at home and away from their support networks.
While law enforcement agencies have made efforts to crack down on lottery fraud and to educate people on how to detect fraud, scams are still common and many consumers still fall for them.
Cybersecurity experts and law enforcement have tips about how not to become a victim of these scams, particularly when they come in the form of an email. “My strong advice would be that anyone who gets an unexpected email with a link should delete the message – even if it promises you instant riches,” says Cisco’s Wenger.
“Then if, as Ms. Spears did, you actually have an account with the purported source of the message, open a new browser window, type in the address manually, and log in to see if can confirm what you read in the email. Also, you can often pick up the phone and call the number on the back of your credit card – or in this case lottery ticket – to speak to someone.”
“Clicking on random links” in unexpected emails is always a “recipe for trouble,” Wenger added.