Wednesday, December 11, 2019

Scams: Tis the Season

It's the holiday season, and the scams are all hard at work.

This morning I had two scams and one legit email all side-by-side in my inbox so I figured the cyber-gods are telling me I should stop jumping up and down on Facebook and write something useful. I later received a third scam.


So I am looking at:

 - an amateur scam
 - a better scam
 - a scary credit card scam
 - a completely legit update email

It used to be you could not rely on the From line of an email. These days you can more often, but now they insert clever typo domains.


In all cases, what you want to do is:

 - Check the From line
 - Hover over the link that's in the email to check where it want to send you.


Amateur Scam

The From line is completely unrecognizable, and could very well be from France, but we really don't care.




The email looked like:





"We hereby announce" is pretty hilarious in an of itself, but what you need to do is HOVER (don't click) your mouse over the Click to Verify link and see where it wants to take you.


That link says: 




What's important here is that it's a site you don't recognize and have no interest in. It usually is someone else's site that has been broken into and a cyber-intruder has place malware on it.



At this point, you should just delete the email.



A Slightly Better Scam

This one is better because it has names you might recognize but the technique for dealing with it are the same.


The From line says: 



Note the spelling: amazons.com
That's not legit


The actual email I received is:







Again, hover over the "Login with Amazon" link.

It says: 






Poor southernimaging.com has been broken into and has nothing to do with Amazon.

Again, just delete the email.



A Scary Credit Card Scam


This scam is just like all the others, but when it comes to your credit card, as soon as you spot it, it's best to just delete it and then go to your bank's website directly.

The thing that makes this so obvious is the scary "we regret to inform you tone" that your bank never uses. The other thing is the implied threat of it. You won't be able to do your usual banking unless you do X. Which mostly means click here and enter in your login and password. Thank you very much.

You bank will never do this. If they want your attention, they call or send paper letters. Even if you've gone paperless, this is not what they do. If you're not sure of something call them or log into their website yourself.





A Legit Email

Here is a legit email from Chewy.com. It has a link that is ok.









If you hover over Track My Order you see:







http://email-sendgrid-deep-linking.chewy.com/...
May look funny, but it really does end with chewy.com and belongs to them.


The important thing is to read the domain name all the way up to the "/"

Sometimes they will try to fool you with something like:

familiar-site.malware-site.com/


If you're not sure about an email, then don't click on anything, but go to the vendor's website directly. This is always the safest approach.


Surf safely.




No comments: