Email Scams Getting More Sophisticated
 | Author:
Victor Sample
Vic Sample: MT43 News Treasurer |
Email Scams Getting More Sophisticated
Victor Sample
Lately, I have seen email scams getting more sophisticated. I recently received several emails purporting to be from various companies. Instead of offering “Customer Loyalty” rewards, which are pretty easily identified as scams, these look like perfectly valid ads. They look very professional and, of course, want me to click on a link to get a quote or get a special promotional discount.
However, even a cursory look at the actual email (display the actual email address – it’s from not who it says it’s from – just click on the email information) shows they are scams. There is no reference to the actual company they purport to be from.
Those are the easy ones – you can quickly tell they are scams. But I have seen more sophisticated scams lately.
One I received at my personal email address claimed that someone from Pakistan had used my “booking website” to book a flight and a hotel room. The person had not received any confirmations and repeated attempts to contact me through the website didn’t work. So, they emailed me directly to ask what was going on and do they indeed have a flight and a hotel booked.
Emails are cheap, so scammers can send emails to everyone at very little cost. So they send emails out to a huge number of email addresses hoping that some small percentage of people will respond to their email. However, this one had an extremely small number of emails that would actually go to someone who had a booking website.
Furthermore, the email explicitly asked me to respond to his wife’s email address not to the email address that I received the email from. That made me a little suspicious. He, of course, included his wife’s email address for me to click on to reply.
People want to be helpful or polite. It’s natural to want to reply to tell him that he didn’t have the right email; and that he reached the wrong person. Maybe you want to tell him he must have been scammed.
But, instead of clicking on the email address and replying to him, I copied the email address and pasted it into a text editor. That shows me the actual link rather than the text of the link. The “email address” was not an email address – it was a link to a website.
They were clearly hoping I would click on the “email address” to reply that there was some kind of misunderstanding and that I didn’t know anything about their problem or even the booking site they said they used.
Over the last 3-4 months, MT43 News has been flooded with emails from Glacier Bank to “Dear Valued Customer” stating they have an important message for us. Glacier Bank is a valid bank holding company out of Kalispell with a number of regional banks all over the west.
The first tip that this was not legitimate was that we are not a Glacier Bank customer or a customer of any of the regional banks they own (like Valley Bank). Again, just looking at the true email address showed it was not from Glacier Bank or any Glacier Bank subsidiaries.
After we received a number of these emails I did a search on Glacier Bank Email Scams. There were a LOT of reports of these scam emails.
So, not all that hard to detect --- until they changed their email process. Sometimes it still shows a clearly suspicious email: call@iasoflowers.gr
The “.gr” indicates it’s from Greece. But a lot of them are from “noreply@glacierbank.com”. That looks pretty valid! There is of course a link in the email that I need to click on. I COPIED the link and pasted it into a text editor. The link actually went to “abpw0.za.com/.xx/bic/freshmontana”
That doesn’t really look much like a Glacier Bank link.
Another email that MT43 News has been receiving is a notice that either our email server is about to expire and I need to click on a link to renew it OR our email address is about to expire and I need to click on a link to renew it. The emails look very professional and they are always signed by the “MT43 News Email Team”.
Again, the first clue that this might not be a legitimate email is that I am the MT43 News Email Team. Again, looking at the actual email address that sent the email shows it’s clearly not from anyone legitimate. Copying the link in the email and posting it into a text editor verified it is not legitimate!
Do NOT click on any links in an email or a text unless you are ABSOLUTELY certain the email is valid. In the past, I advised that you display the actual email address that sent the email – and you should continue to do that.
However, the scammers are getting more sophisticated. In addition to checking out the email address, if there are any links in the email copy the link (do not click on it). On my phone, holding down on the link gives me the option of copying the link. On my PC, a RIGHT click on the link will either show me the true link URL or give me the ability to copy the URL.
DO NOT CLICK on any links until you are certain the email is valid and the links are valid.
Always beware!
