Embedded Files
Protect yourself from potential scams
How many emails do you get a day... and how many times have you thought, "Is that real?"
The following are by far not exhaustive, but will give you a couple of tips and things to look out for to protect yourself from bad actors.
Remember, your personal data is actually more valued than actual wealth... someone else being you can amount debt, carry out nefarious acts, or apply for various services in your name, so being sure you know who you are communicating with is vital in a modern world.
The offer
Always be suspicious with anything that looks 'too good to be true', because generally it is! However some companies do use ''lost leaders'', (products or services that actually cost the provider to offer, sometimes free, or at a substantially reduced rate), to tempt new custom, or increase awareness of a brand or service.
So how do you know if the offer is real or not:
The following cases supposes an offer from your favourite shopping destination 'SuparBarginz', or their online shop at suparbarginz.com...
Why is their online presence important?
...good question! read on
Email No 1
Yip, that looks fine, I'll just click 'here' and get my £99 vouchers
Woah, hold on!
Firstly, the 'From' isn't an address, (which might just be your email client being nice and giving you an easier name to look at), and without hovering over the 'winwinwin' we cannot see who sent it... oh, now is a good time to mention, see their 'online presence', that's where this is important.
Their domain address of 'suparbarginz.com' & is where this email should come from, (or some derivative of it).. let's explain that properly;
if the email was 'win@competitions.supabarginz.com' or 'wincompetitions@suparbarginz.com' both would be OK,
BUT 'win@suparbarginz.competition.com' or 'suparB@.GhI09.net' are not....
Why?
The final element of the address is the 'domain' ie 'suparbarginz.com' if an email ends in either of the second examples, or indeed any others, then the communication was sent from outside the company's realm.
Using the above as an example, now we have highlighted the 'From', and the address ends with 'eezeewin.net'.
That's a sure fire scam email! ...or is it!
It highly likely this is a scam, however, some companies do use external marketers to do their promotions, so we should look at other identifiers to confirm
Next thing we discover is that the addressee is the first part of the email address, if you had a fantastical address like, 'angelwing@xmail.com' then the 'Dear angelwing' is a sure sign that the email was sent by 'bots', (shortened from robotic, basically piece of software that randomises email addresses and send to various domains in the hope of a hit)
Similarly, the spelling of the subject isn't good grammar, which suggests it's written by a foreign actor, and given that the company is local to you, it's unlikely they'd make that mistake.
Anything else I should look for?
Well actually yes, probably the biggest clue, which you really should always check, even if your pretty sure the email in legit
If you hover over the 'here' link, it will tell you where that particular link will land;
As you can see the destination address is 'megatelltale.xyz', which clearly is nothing to do with the shopping business. Can you smell a scammer?!
Given everything we have learned we can certainly say with a more than reasonable amount of certainty Email number 1 is a SCAM
Email No 2
Ummm.. that looks suspicious
Yes, and where to start!
OK, let's start at the top, similar to the last email, the 'From' gives it away, although they have used 'suparbarginz', in the hope that is what your email client will show you, or that's all you'll read, the actual 'domain' name is '@p9ii.com'.. need we go any farther
The addressee is the email address, regardless of anything else that is a sure fire indicator that this is sent to multiple emails in a hope for a hit
The format just isn't 'professional', it's unlikely that this single paragraph would pass the marketing department, it's just wrong
The grammar, spelling and punctuation is way off acceptable as well
Seemingly we moved to North America or Australia as the reward amount is in dollars
There's no need to check the 'here' link, we've seen enough
Once more, using our knowledge from the first email as well as our observation from the train wreck of Email number 2 , it's reasonable to conclude that it is a SCAM
Email No 3
Surely this one is OK, isn't it?
From the top
The 'From' matches the company domain, so it's likely from the correct place. Your email client may show this a 'Surprise', but a quick hover over the name as demonstrated in the first example should show the email address
Again depending on the email client you use, the logo may appear as a cross, or say 'click to allow images', this is normal
Addressee looks OK, but in the example, can be derived from the email address. If you use a whimsical address like 'angelwings@xmail.com', and the addressee is 'Mrs Smith', or 'Gill', then the database used to send the email is 'clean'*
The format, punctuation, grammar and spelling look professional
The value is in local currency
Finally, when we hover over the link to the competition, the domain matches the business 'suparbarginz.com'
*NB The terminology 'clean' in relation to the founding database is a clue, but not 100% trustworthy. We have all heard of our details being sold by unsavoury actors, and although this measure it's a fair guide, be aware that your personal contacts may have been 'sold on' if you have agreed to/unticked a box on some web form at some time or another.
Based on all the evidence on the examples above it is reasonable to accept that Email 3 IS genuinely from SuparBarginz.
ALWAYS be on your guard before supplying details to anyone, especially online, and even if the page the link takes you too looks correct, these scammers are too clever, and will 'mock up' a webpage to look like the one you think is correct
One thing you haven't mentioned, what about all the stuff on the bottom of the email, they all link to the proper website, surely that means they are all OK?
Good point!
The summary of email 3 above touches on 'mock-up' pages, these apply to emails as well. Let us explain better;
The goal of the scammer is to trick you into giving them your personal details, so they can appear to be you to gain financially, or make you simply surrender access to some online profile or worse, bank account.
One of the tricks they use is to make you think it's the 'real email', or the 'real website'. So when you open the email, the links for everything else rather than 'link' they want you to click, are actually correct. This is in the hope that you click the other links first, and see that they land on the genuine site, and 'assume' the link they have sneaked in is correct too! Pretty sneaky huh?
This sneaky trick is mostly employed on those email that come from online banking scams, knowing that people are becoming more aware of their tactics, they make them look as genuine as possible, so ALWAYS double check that destination link.
As with anything, don't drop your guard, and if in doubt, ask a trusted person to verify, two heads are better than one!
Where can I go to get help or report something
Phone help
Police non emergency in the UK Call 101
Action Fraud 0300 123 2040
Citizens Advice England 0800 144 8848
Citizens Advice Wales 0800 702 2020
Citizens Advice Scotland 0800 028 1456
Citizens Advice Northern Ireland [check the website for your local centre]
Victim Support 0808 168 9111
Samaritans (24hrs) free 116 123
Age UK 0800 169 6565
Website for help
Action Fraud and Cyber Crime reporting
Citizens advice UK
Victim Support
Samaritans
Age UK
Money Saving Expert, (and useful resource)
You can also get assistance from your local authority. Just do a web-search for their phone numbers and/or email addresses
Google Sites
Report abuse