E-mail Scams you Must Watch Out For

E-mail Scams you Must Watch Out For

The internet is a jungle and users must be careful not to be struck by a tarantula or hunted by the mighty big cats. Even the most beautiful flower can be dangerous. E-mail is one of the greatest forms of internet communication and more than often you might get hit with e-mail scams. Here I will take you through what to do to avoid being duped.

In the wake of using E-mail as an online marketing tool, you will find yourself receiving e-mail messages that are no more than an attempt to sell you some stuff you totally don’t need. Spam is one thing and Scams are just dangerously different. With spam other than clogging your bandwidth, they really do not cause much harm. But when it comes to E-mail Scams you better protect your e-mail system, because they tell another story of theft, truancy, scare just to mention a few.

E-mail scams have been around since the Internet went commercial in the early ’90s. A typical example would be the Nigerian scam messages which were there then and still are now. However, scammers have become more sophisticated, and some of the latest email scams are harder to detect — unless you know what you’re looking for. For instance, the Swine Flu scam that could really give your PC a cold.

Holiday seasons come with a lot of online activities, with users shopping online for gifts for their friends and family. This creates a window of opportunity for scammers to take advantage of the average computer user. Time is of the essence and we are in a hurry, we don’t take time to scrutinize e-mail messages to ascertain that they are legitimate.

Below are some of the email scams that are currently circulating on the Internet and information on how you can identify them and keep yourself from being victimized.


1: Fake Facebook “friend” messages

Social Network popularity has surged and scammers are taking advantage of how social networking websites work. For example, in Facebook, you might set up your account in such a way that you receive notification messages in your e-mail when someone posts something on your wall, sends you a private message or in this case requests to be your friend. Figure A below shows a fake Facebook friend request notification. If you have been receiving these notifications then if you look closely you will realize that this one does not have a reply link as the authentic Facebook notifications do. If you further scrutinize the fake message in comparison to an authentic one Figure B you will realize that the original message has more salient features.

Figure A

Fake Facebook message is close, but not close enough.

Fake Facebook message is close, but not close enough.


I opened up a message from Facebook that I know is legit. Figure B shows the real message (with the content blacked out to protect the privacy of the sender).

Figure B


If you check out the reply address in the fake message Figure A, you would expect the domain name to be www.facebook.com, but the fake address is facebook.montadalatihad.com. If you have read something on domain naming then you know that the “Facebook” in the fake address is just the name of a web server in the domain montadalitihad.com.  The To field in the message also does not show my name instead it shows “Undisclosed recipients” meaning this message found its way to several peoples inboxes. With further scrutiny of the e-mail message that is the headers – from commercial e-mail providers like Yahoo, Hotmail – select the message, right-click it and click on View full headers | View message source respectively.

In a real Facebook message, the Received: field in the header would be from mx-out.facebook.com. In this one, it’s mail.illimail.com. Surely, by now you must realize how conniving these scammers are.

To be safe opening e-mail scams or other security risks should be from a virtual machine so that the malicious code does not affect your real OS. When I clicked on the reply to link the fake e-mail message directed me to a convincing replica of the Facebook website. Variations on this scam may use other popular social networks, such as MySpace or LinkedIn. If you’re in doubt about the legitimacy of any “friend” message, login to your social network directly through the web browser and not through the link in the fake e-mail message. If the message is real, there will be a copy of it there.

2: Fake admin messages

Ignoring “friend” messages from friends especially those you have never heard of is common practice. But scammers are becoming more intuitive and know that a message from the site administrator will more likely get your attention. The fake message Figure D pretends to be from “The Facebook Team” and notifies you of a policy change that requires you to submit a new account agreement. They go a step further to threaten you of your account closure or restriction if you do not go through with their instructions.

Figure D

Here the scammer tried to fool people with a convincing From name, which shows that it is from facebookmail.com just like a real Facebook message. However, when you take a look at the To name, you can see that he is still randomizing recipients, maybe pulling them from a mailing list somewhere hoping that he/she would hit the right one. What triggers a RED ALERT is the attachments – notification messages never come with attachments and to make matters worse an attachment with an executable extension(*.exe). If the e-mail message was for real you would be directed to the social network site where you can read the agreement directly and accent to it by clicking on I Agree or something similar.

3: Fear-mongering messages

Apart from profiting reasons a scammer can at times send out scam messages which are not quite financially beneficial to him/her but earn them some gratification by upsetting or putting fear in others with an effort to feel great or powerful.

There are several examples of these types of messages, which usually don’t seem to make the current news headlines. Some years back there was one that warned that if you saw another car on the road at night with headlights off and blinked yours to signal the driver you were in danger of getting shot as part of some gang initiation. This article details the history of this email hoax.

Others have warned of a serial killer who lured women out of their homes by playing a recording of a crying baby and another of a rapist who would approach women in parking lots claiming to have picked up a five-dollar bill the woman had dropped.

The latest in fear-mongering messages like to play on health fears caused by all the recent media attention to swine flu (H1N1). An email message has been going around the Internet for several months warning that “The CDC says H1N1 is wiping out entire villages in Asia and expect it to hit the U.S. in January, where it will kill 6 out of 10 people.” The message further predicts that Martial Law will be imposed and you will be shot if you leave your house to purchase food, urging recipients to stock up now and buy face masks, use Purell and take Enzacta products to “keep your immune system strong.” If you were not already suspicious then reading on to the end will, it says that the pandemic was predicted years ago by a Russian mathematician and that it was caused by a tsunami. The full text of the message can be found here.

It is said that when something seems too good to be true then it probably is – not true. Similarly, these messages (especially if you are hearing them for the first time through e-mail) are ill-intended and you can bet that if a body like the CDC put out an announcement it would be all over the main stream news outlets.

4: Account termination scams

As I said before the holiday season comes with its downsides, especially you are an average user who needs some professional guidance as you surf the dangerous waters of the internet. Ill-motivated individuals always prey on users vulnerability and ignorance, especially during the holidays. Example case you might receive several fake messages – purportedly from online service providers like Amazon, PayPal and even as far as the bank telling you that your account has been or is about to be cancelled. Be cautious and scrutinize them well, in some cases, you will find that the scammer sends you an e-mail message purportedly from a service provider you don’t even have an account with.

Here’s a clue for you: The fake message will have a link that looks legit, like www.yourbank.com, but when you hover your mouse pointer over the link it should show you the actual URL, something different, often with a foreign country code such as .ru (Russian) or .cn (China).

Another clue is that these scam messages usually contain typos or grammatical errors you wouldn’t expect from a legitimate company.

5: Messed up greeting cards

The holiday season is here and it is a time to be jolly – maybe send a few cards to family and friends. Scammers know this and they have created e-mail messages with a link to view bogus greetings/holiday cards from a friend. On clicking the link you will be directed to a web site that will implant some malicious code on your computer.

Telling them apart is not as difficult, for one if you receive a card from the real card services, the message will contain the name of the sender. Scammers will use generic “A friend sent you a card”. The best way to know if the service is legit is to do a web search and find out more information about it. Alternatively, you can ignore the online card services and do it old school and send the greeting cards through the postal service or by personal e-mail and not through some web service.

6: Phantom packages

I would describe a phantom package as one that does exist and is a clever way to get unwary users to sign up for a whole lot of trouble. Like now the Christmas holidays are here and you should be suspicious of some unexpected delivery form DHL, FedEx or UPS. So scammer will send you messages telling you that you have to provide your shipping address among other personal information so that the package can be delivered.

The e-mail message will contain an attachment that is to be a form that you need to print and fill out so you can pick the package. However, the package does not exist and on clicking the attachment your computer gets infected with a very bad virus.  Be aware of variations on this scam, users are aware not to download attachments but, will readily click on a link to a scam powering web site which will only deliver malware straight to your system.

7: In Microsoft, Apple, HP, Dell we trust

Microsoft has grown to be the greatest provider of software solutions, from operating systems, database systems to simple word processing systems. This status makes Microsoft one of the most trusted companies in the world among others in their various niches, like Apple, HP and Dell. Scammers know this and they are sending e-mail messages that attempt to exploit users’ trust in their software/hardware vendors. The messages say they’re from the vendor and range from fake security warnings with attachments that claim to be vulnerability fixes (but are really malware) to bogus “special offers” to “payment requests” that require you to download and install a “transaction inspector module” (which is really a Trojan) if you want to decline to have the payment charged to your credit card.

8: You’re a winner!

You might have received an e-mail message telling you that you’re a winner in the lottery, contest, or drawing. All you have to do to claim your prize is fill out a form and email it back. Of course, the entity awarding the prize needs your social security number because the value of the prize must be reported to the IRS.

The bad thing about this scam is that you will indeed have to provide such information to claim a prize in a legitimate contest. Therefore, you have to be very careful before you send in any information. You might want to thoroughly scrutinize the e-mail message and ensure that it is legit. Besides, if you haven’t signed up for any of these contest then you must be extra suspicious and even if you really did enter the contest, you shouldn’t be careless. Check into the legitimacy of the email notification. It also comes down to practising safer communication techniques – always encrypt your e-mail when sending sensitive information. Look out for other safer alternatives of submitting this info. Legitimate contests will always have alternative methods to do so.

SNETTSCOM is an IT company. We excel at providing solutions in systems integration, consultancy, outsourcing, applications development, networking and security. Aside from this, SNETTSCOM also specializes in creative design and marketing.

Recommended Posts