Email alert scam is on the rise, as I received four of them in as many days. In this short post, we discuss how to recognize them, and how to avoid them.
If you’re like me, you receive a lot of emails. Scattered among those emails are dangerous “phishing” emails. The goal of these emails is to prompt you to click on a hyperlink within them, which in turn provides the hackers with access to your computer.
The emails are made to look official and coming from a company that you may actually have an account with. You should always be suspicious of any email that prompts an action — either one that confirms the money you just spent (which of course you didn’t) or warns of penalty if you don’t upgrade now.
The two I’ve been receiving the most of late are domain name registration default and confirmation of an Amazon purchase.
You’ll receive a branded email — Amazon confirming your recent purchase. Of course, you didn’t make the purchase, so you panic that you were hacked or someone fraudulently used your account. you click on the Order# hyperlink to see what it is all about. Once you’ve clicked the link, they’ve won.
In the case of the email I received, it was branded from Amazon and stated: “Thank you for shopping with us. We’d like to let you know that Amazon has received your order, and is preparing it for shipment. Your estimated delivery date is below.“
Order #305-4473028-5437651 (this was hyperlinked, though I removed it)
If you need further assistance or to Cancel your order, Call Our Customer Service +1 (805) 500-6557 .
TomorrowYour shipping speed:
|Your package was sent to:|
David H Banns
1360 Rain tree Lane
Wellington, Florida 33414, US
This one is just a graphic thanking you for your order, with a “if you want to cancel call us at _______
When you receive an email that (A) confirms an action taken by you (i.e. you made a purchase), or (B) instructs you to take action or be penalized, you should be careful.
Another scam claims that this is your final notice before your domain name expires. In this case, option two below is always recommended.
You can proceed in one of two ways.
First, assess whether it is real by checking the “From” email address. This is not the same as the “From” name, The name can easily be manipulated. In the case above the email said From Amazon. But the email came from [email protected] Clearly, @gmail.com is not Amazon. However, some email phishing is more sophisticated than others.
For example, some time back I was receiving scam emails pretending to be Bank of America. When I received [email protected] it took a moment for me to question it. It was fake, based on the @bankofamerica.sos.com. The real notifications from Bank of America looks like this: [email protected]bankofamerica.com.
The second and more sure-fire way to avoid clicking on scam emails, if to simply go to the account directly, login, and see if there is any notifications. If not, then the email was a scam.
Be diligent and careful so that you’re not the next victim of an email alert scam