How To Detect Scam e-Mail

Scam mail has been around probably since the invention of the postal service. However, in those days it could cost quite a lot to send out mass mailers, hence people didn’t encounter them too often. Unfortunately, since it’s so cheap to send e-mail messages, scam mail has become rampant and it has become easy for the villains behind it to prey on greedy idiots. Here’s how you can avoid becoming an idiot when one of these scam e-mails comes your way.

Things to watch for

  • Return addresses. Scammers can fake the “from” address field, but they can’t usefully fake the return address, because that is where they need to receive your reply. If it appears that Google is sending you an e-mail, then the return address should end in @google.com and not another domain. It’s quite easy for impostors to send an e-mail that appears to come from “john.doe@google.com”, but it’s virtually impossible for them to receive mail at that address without an insider at Google being involved (note that @google.com is exclusive to Google employees, unlike @gmail.com, which just about anyone can register).
  • Instruction to click a hyperlink. Watch for links in e-mail messages and verify that they’re OK before you click. If the e-mail claims that it’s from PayPal and they want you to click on a link to verify payment, be sure that the link goes to paypal.com and not some other host. Remember that clicking the link signals that you have read the message and confirms your e-mail address – opening the way for further spam or even scam messages. Not to mention that the fraudulent website may prompt you to install an application or browser plug-in that turns out to be a trojan horse.
  • Asking for money to give money. Even more so if the e-mail claims it’s from an established organization. If it’s really an established organization, they won’t ask for money to give you money. Moreover, having them give you cash outright is questionable – even Apple’s 10 billionth app download winner didn’t get any real money but store credits instead.
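
The first two checks in the list, as an added example that is not part of the original post: it compares the sender and reply addresses and every link host against the domain the mail claims to come from, matching on whole domain labels so that a lookalike such as paypal.com.something.example does not pass. The sample message is constructed, the function names are illustrative, and it assumes a single-part plain-text mail.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample message (not a real e-mail). Every host other than
# paypal.com is a made-up name under the reserved .example TLD.
SAMPLE = """\
From: PayPal <service@paypal.com>
Reply-To: Payments <verify@paypal.com.mail-check.example>
Subject: Verify your payment

Please confirm at http://paypal.com.account-check.example/verify
or see https://www.paypal.com/help for details.
"""

def belongs_to(host, org_domain):
    """True only if host is org_domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == org_domain or host.endswith("." + org_domain)

def check_message(raw, org_domain):
    """Return warnings for a mail that claims to come from org_domain."""
    msg = message_from_string(raw)
    warnings = []
    # A reply goes to Reply-To when it is present, otherwise to From.
    for header in ("From", "Reply-To"):
        addr = parseaddr(msg.get(header, ""))[1]
        if addr:
            domain = addr.rpartition("@")[2]
            if not belongs_to(domain, org_domain):
                warnings.append(f"{header} domain {domain} is not {org_domain}")
    # Assumption: single-part text body, so get_payload() returns a string.
    body = msg.get_payload()
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlsplit(url).hostname or ""
        if not belongs_to(host, org_domain):
            warnings.append(f"link host {host} is not {org_domain}")
    return warnings

if __name__ == "__main__":
    for w in check_message(SAMPLE, "paypal.com"):
        print("WARNING:", w)
```

A clean result here only means the addresses and links are consistent with the claimed domain; the “from” field on its own proves nothing, as the first bullet explains.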

An Example

Recently I received an e-mail claiming to be from Samsung Europe, which said I had won € 750,000, a laptop, and a mobile phone. Then they wanted me to contact their notary and keep the e-mail confidential. Let’s dissect this scam mail blow by blow.

[Image: Scam mail]

If you look carefully, the reply-to address is from the @europe.com domain and not samsung.com – this is the first thing that you should notice, and it should raise a red flag in your brain. Secondly, it points to a non-existent web page – www.samsung.com/europe doesn’t lead to a proper regional site but to a “select country” site.

[Image: Samsung Europe]

In fact, I suspect that the whole “www.samsung.com/europe” thing is just there to confuse you into believing that the return address of collection@samsung.europe.com belongs to Samsung – which it obviously does not.

[Image: Scam headers]

Then who owns europe.com? According to its whois entry, the domain belongs to “World Media Group, LLC” that is based in Bedminster, New Jersey.

Registrant Name: ATTN Domain Inquiries
Registrant Organization: World Media Group, LLC
Registrant Street: 90 Washington Valley Rd., #1128
Registrant City: Bedminster
Registrant State/Province: NJ
Registrant Postal Code: 07921
Registrant Country: US
Registrant Phone: +1.9089030200
Registrant Phone Ext.:
Registrant Fax: +1.9082759105
Registrant Fax Ext.:
Registrant Email: domains@world.com

The company’s official website at http://worldmediagroupllc.com shows that World Media Group is really a “domain squatter” organization. They buy single-word domains like lawyer.com and doctor.com and build advertising sites on them – at which point the credibility of the lawyers and doctors on those sites may as well be questionable.

[Image: World Media Group LLC]

Last but not least, the THIS IS NOT A SPAM first line. With asterisks. Yeah, just like the folks who walk out of a pub with their faces red and not standing straight, saying that they’re not drunk. Luckily Gmail classified this particular e-mail as spam. But we might not be so fortunate, and the next time one may get through Google’s spam filters.

Just remember: be vigilant. This e-mail belongs to a class of techniques called social engineering – it manipulates the most powerful yet error-prone part of the security system: the bag of meat at the keyboard. Play your part in the human firewall to keep yourself and your colleagues safe.

Until next time, you stay safe.

 
