When in doubt – Don’t open, click on or respond to an email. Just delete it.
A good place to start this discussion is with the following excerpt. This is a section from an email newsletter I receive, regularly. It usually contains great information on how to use the Microsoft Office products more effectively. The source is from Office For Mere Mortals. Please take note of it and be careful. In this environment of fear the Scammers and Criminals are trying to take advantage of people’s fear and naivety to take your hard earned money. What follows is how to recognise and avoid email scams.
Office for Mere Mortals advice…
“Online Nasties using COVID-19
Criminals are using the Coronavirus/COVID-19 pandemic to spread their own nasty infections. Emails and messages are going out impersonating governments, health departments and even the WHO! The attached documents or linked web sites have malicious documents trying to infect your computer.
We hope all our readers know to be careful of incoming messages and web sites but especially at the moment. Bogus ‘news’, fake and ‘secret’ cures etc are all out there to get your money.
Beware incoming files with the old Office formats .DOC .XLS or .PPT or similar three-letter extensions. Most malicious documents use those old formats and should not be opened. Why Old Office documents should be banned
There are companies selling coronavirus ‘home test kits’ which haven’t been properly checked, might not work or give unreliable results.
KIDS and TEENAGERS: Police are concerned about children spending more time online. Child predators are taking advantage of the situation to ‘groom’ kids and teenagers who are online and perhaps not as supervised as they normally are.”
Great advice to avoid email scams, and something that we should be mindful of, not just in this current environment, but at all times. Many of my clients have asked me questions about potential scam emails and how to identify them. Sometimes this has been after the event, unfortunately. People have come to me after they have been scammed of their time, effort and, all too often, their money. Some information and a bit of simple observation can save you from these moments of doubt and fear. Here are some things to look out for…
Examples and what to look for.
The following are examples of emails I’ve been getting that are an obvious attempt to get me to respond and end up infected and out of pocket. Let’s take a look at the items circled and talk about why they are the keys to knowing that the email is false.
Dodgy Email 1.
Looking at clue number 1, the senders address doesn’t match the claimed company that’s sending the email. You will often see emails from Banks or Internet Service Providers (ISP) that ask you to respond. The huge majority of these are what we call “Phishing” exercises, (spelling is incorrect on purpose to differentiate from the noble art of angling!). One of the quickest ways to see that it is an attempt to defraud is to look at the sender. It will quickly tell you, if the sender’s address is different from the claimed sender, that it’s obviously false.
Clue number 2. Who is this person? It isn’t me. So, just like the fake email senders address, the person they claim to have sent it to is also false.
Just delete this email and move on with your life. Definitely nothing to see here, regardless of the content and any curiosity you may have. It won’t be worth the lesson you learn in not falling for these scams.
Dodgy Email 2.
Clue number 1 is exactly the same as the first example. This email claims to be from my own webmail server, yet the email is from “bselighting”. Definitely a big red flag.
Not even subtle, but the scammer doesn’t rely on subtlety. They rely on well-worn techniques that pick up the action of weeding out the knowledgeable from the gullible. Being knowledgeable, we don’t respond. That saves them time spent with people who aren’t “victims” and, in some cases, the very real threat to them of the reverse scammer. The reverse scammer is a person who make it their business to scam the scammer. I personally love their work and, when I want to see Justice in action and have the occasional laugh at a scammer’s expense, I check out their work. I’ll provide links to some YouTube Videos for your enjoyment later in this article.
Now to clue number 2. Why do I need a big blue box/link to access my own webmail server? The simple answer is, I don’t. Emails from the actual sites and companies you deal with ask you to use your known methods of getting in contact with them.
Conclusion
Reputable sites won’t send you a link unless you request it. You know, because you initiated it, when you ask for a password to be reset you will often get an email with a link for you to follow to confirm the action. This is so the company your dealing with can in turn confirm it’s actually you, based on the information you used to create the contact with them in the first place, (i.e. your email). They WILL NOT send an email to your account on their own behalf asking you to provide your own security details, (they already know the information), to get you to do something on their behalf. Ever. An “unsolicited” email is the act of a scammer phishing for your details so they can access your accounts and identity and use them for their own nefarious purposes.
Again, just delete the email and get on with your safe life. Be happy. You’ve saved yourself, from the clutches of people who wish to do you harm, by your being knowledgeable and diligent.
There are variances and other known techniques from scammers that go beyond these visible clues, but truthfully, once you get an understanding of how these people and groups work it will be a lot easier to recognise them and stop it before anything untoward happens.
Scammers getting Scammed. YAY!
Here are some links to YouTube videos and series from some of these scam busters and a very funny response by a comedian: –
James Veitch 1 – https://www.youtube.com/watch?v=_QdPW8JrYzQ
James Veitch 2 – https://www.youtube.com/watch?v=C4Uc-cztsJo&t=86s
Jim Browning – Spying on the Scammers – https://www.youtube.com/channel/UCBNG0osIBAprVcZZ3ic84vw
And many more…. https://www.youtube.com/results?search_query=scammer+gets+owned
So, please be careful, and not just because of the physical virus we are all trying to avoid. Stay safe and avoid email scams by remembering what you’ve been shown here and if in doubt and we can meet your needs, give BurtonIT a call.
Andrew Burton – BurtonIT