Every week my team and I share with you a warning or how-to on spotting fake, spoofed and garbage emails, whether it’s a legit-looking email from Apple or a fake email from your company’s CEO. One even targeted people and companies that use direct deposit for payroll.
So, I thought it would be “fun” to put together a collection of fake and spammy emails that I get, along with tips on how to spot them and what to do to prevent them. You’ll never rid your inbox completely of these types of messages, but the more you know, the safer you’ll be.
The first example is scary. They had my password right, but luckily I knew better than to respond.
Example of a fake extortion email
The sender of this email somehow knew my password to this website, which was connected to an email address that I rarely use. Clearly, they’d scraped that information from the website, not from me. This was easy to spot as a fake — I’d never visited any of the types of sites that “Kathy” mentions, and I have enough protection on my devices to know that no one accessed my webcam.
The next two are variations on email phishing that play on people’s loneliness and search for love.
Example of someone looking for love
The subject line got my attention because, as many of you know, I do love Hawaii and have a second home there. And I have awesome friends. However, this was an easy red flag — I’m no gentleman!
What should you do if you receive a message like this? Don’t click any links and don’t respond. Mark it as junk, so your email provider will recognize these types of messages and automatically filter them and send them to your junk folders.
Example of love phishing email with photo
This email looking for love takes deception up a notch by including a photo of “Tatyanulenka.”
What should you do if you receive a message like this? Don’t click any links and don’t reply.
If you are looking for love and have registered with online match-making sites, before you click through to unsolicited emails like this, you’ve got a little weapon you can use. Take a screenshot of the image — do NOT download the photo — and do a reverse-image search.
We did it for Tatyana, and look what we found:
How to do a reverse-image search? Go to Google and in the upper right, click the word “Images.” You should see this:
Click the camera icon and then click the tab that reads, “Upload an image.” Click and upload your image, or simply drag it to the search page.
ED drug phishing email full of typos!
There are so many typos in this email, it’s laughable, but it’s also how they try to game email services that watch for words like “erectile dysfunction.” You’ll notice that every word is misspelled. Even the word “online” is misspelled because it has a zero for the O.
Again, if you get messages like this, flag them so your email provider knows. The more we report to our email providers, the better they will be at flagging them and preventing them from showing up in the first place.
I win $1.4 million from Google!
Remember that saying about how if something sounds too good to be true, it probably is? Here’s a good one, and look at how convincing it can be!
The From field says GOOGLE, but when you look at the email address — firstname.lastname@example.org? Red flag No. 1!
The message could fool unsuspecting people, especially if you are someone who enters sweepstakes and buys lottery tickets.
What should tip you off? First, the sender is not a Google address and neither is the reply-to email address.
Second, what does that first paragraph even mean? Don’t you think Google has better writers than that? And what exactly does it mean to be “a winner in the official publication of results of the E-mail electronic online sweepstakes?”
Never reply to messages like this, and if you receive one, flag it as spam and don’t click any links.
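The sender checks described for the fake Google email, as an added Python example (not from the original article): it flags a message whose From display name claims a brand while the From or Reply-To address sits on a different domain. The brand-to-domain table and both sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands and the domains they legitimately send from (illustrative, not exhaustive).
BRAND_DOMAINS = {"google": {"google.com"}, "apple": {"apple.com"}}

def domain_of(addr):
    """Return the lower-cased domain part of an email address."""
    return addr.rpartition("@")[2].lower()

def in_domains(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def sender_red_flags(raw_message):
    """List the sender mismatches found in a raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    flags = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in display_name.lower():
            continue  # display name does not claim this brand
        if not in_domains(domain_of(from_addr), domains):
            flags.append(f"From name says {brand!r} but address is @{domain_of(from_addr)}")
        if reply_addr and not in_domains(domain_of(reply_addr), domains):
            flags.append(f"Reply-To goes to @{domain_of(reply_addr)}, not {brand!r}")
    return flags

# Constructed sample: brand name in the From field, unrelated sender and reply-to domains.
FAKE = (
    "From: GOOGLE <winner@prize-office.example>\n"
    "Reply-To: claims@payout-desk.example\n"
    "Subject: You have won $1.4 million\n"
    "\n"
    "You are a winner in the official publication of results.\n"
)

# Constructed sample: brand name with a matching sender domain and no Reply-To.
LEGIT = (
    "From: Google <no-reply@accounts.google.com>\n"
    "Subject: Security alert\n"
    "\n"
    "A new sign-in was detected.\n"
)

if __name__ == "__main__":
    for label, raw in (("fake", FAKE), ("legit", LEGIT)):
        print(label, sender_red_flags(raw))
```

A clean result only means the visible sender fields are consistent with the claimed brand; it does not show the message is genuine.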