Email Alert Scam

Email alert scam is on the rise, as I received four of them in as many days. In this short post, we discuss how to recognize them, and how to avoid them.

If you’re like me, you receive a lot of emails. Scattered among those emails are dangerous “phishing” emails. The goal of these emails is to prompt you to click on a hyperlink within them, which in turn provides the hackers with access to your computer.

The emails are made to look official and coming from a company that you may actually have an account with.  You should always be suspicious of any email that prompts an action — either one that confirms the money you just spent (which of course you didn’t) or warns of penalty if you don’t upgrade now.

The two I’ve been receiving the most of late are domain name registration default and confirmation of an Amazon purchase.

EMAIL SCAM ALERT

• THE AMAZON SCAM

You’ll receive a branded email — Amazon confirming your recent purchase. Of course, you didn’t make the purchase, so you panic that you were hacked or someone fraudulently used your account. you click on the Order# hyperlink to see what it is all about. Once you’ve clicked the link, they’ve won.

In the case of the email I received, it was branded from Amazon and stated: “Thank you for shopping with us. We’d like to let you know that Amazon has received your order, and is preparing it for shipment. Your estimated delivery date is below.“

                       Shipping Confirmation

                   Order #305-4473028-5437651 (this was hyperlinked, though I removed it)

If you need further assistance or to Cancel your order, Call Our Customer Service +1 (805) 500-6557 .

• The MICROSOFT EMAIL SCAM 

  The subject line will likely say something like YOUR SUBSCRIPTION CONFORMATION and look like this below.
  DATE OF ISSUE
  Thursday, April 22, 2021
  Windows Defender Advanced Threat Protection Firewall & Network Protection (One Year Subscription)
  $299.99
  Payment Mode – CARD
  Payment Status – SUCCESSFULLY PAID
  (You have 24hrs for refund this charges)
  TERMS
  If You Have any queries related this Invoice contact to helpline number
  +1 (608) 291 7575.
  Thanks

  Microsoft Account Team

• THE NORTON SCAM

This one is just a graphic thanking you for your order, with a “if you want to cancel call us at _______

INCOMING EMAIL RESPONSE OPTIONS

When you receive an email that (A) confirms an action taken by you (i.e. you made a purchase), or (B) instructs you to take action or be penalized, you should be careful.

Another scam claims that this is your final notice before your domain name expires. In this case, option two below is always recommended.

You can proceed in one of two ways.

OPTION ONE

First, assess whether it is real by checking the “From” email address. This is not the same as the “From” name, The name can easily be manipulated. In the case above the email said From Amazon. But the email came from [email protected]. Clearly, @gmail.com is not Amazon. However, some email phishing is more sophisticated than others.

For example, some time back I was receiving scam emails pretending to be Bank of America. When I received [email protected] it took a moment for me to question it.  It was fake, based on the @bankofamerica.sos.com. The real notifications from Bank of America looks like this: onlinebanking@ealerts.bankofamerica.com.

OPTION TWO

The second and more sure-fire way to avoid clicking on scam emails, if to simply go to the account directly, login, and see if there is any notifications. If not, then the email was a scam.

Be diligent and careful so that you’re not the next victim of an email alert scam