One of my clients recently received several email spam messages that she wanted me to pass along. These email spam messages were a little different from the ones that I usually receive, in that they specifically mentioned products and services that she offered. In other words, they were a little harder to recognize as spam than other generic email spam.
My client is in the dog training business. She has an extensive online training system that includes both dog training products and dog training services, like private lessons and classes. Because of her website content, she gets targeted with email spams that are a little harder to detect, because they mention her products and services.
Here’s the first example:
From: BILL CARSON <firstname.lastname@example.org>
Date: November 25, 2009 1:54:25 PM PST
Subject: Order request
Hello Greetings to you and the company well My name is Bill Carson and i will like to know if you do sell harness and if you do email me with the Types that you Have and include their prices range On them thank you
Now, she does indeed sell harnesses, so this might be a real customer. Let’s look at the email for warning signs that it’s an attempted spam.
1. The email was sent to her BCC (blind carbon copy), see how the “To” field is to email@example.com? Big red flag. Real clients generally don’t BCC you. Spammers use BCC all the time.
2. Subject is very, very generic and designed to get your attention. “Order request”.
3. Poor sentence structure, capitalization in weird places.
4. She has an online store, so logically, there’s no need to send products and pricing, it’s online – that is available to any real customer who wants to get the information. You can’t view a harness on her site without viewing the price, etc.
The purpose of this kind of spam, is to get you engaged with someone in a business transaction. You don’t want to get pulled into some kind of Nigerian scam.
This next example is a great one, you can see the beginnings of the money exchange attempt. Notice it is also sent BCC to my client, because the “To” field is geoff.collins. Also note it begins with “Greetings” – another apparent red flag:
From: Benjamin Morgan <firstname.lastname@example.org>
Date: November 25, 2009 5:19:31 AM PST
I hope this email meets you in good health and spirits.
I would be coming into the country with five puppies. As part of my Dad’s 50th birthday anniversay, I would love to have the puppies entertain the guests on that special day. Can you organize a 2 MONTH training lessons/classes for them? How many hours of lessons would the puppies need?
DATE: 25TH JANUARY 2010 TO 24TH MARCH 2010
In order to fully secure the booking with you, I would send my credit card details for a deposit. I hope you do accept credit cards via email? Do you have a POS termainal in your office? Kindly get back to me with a confirmatory email so we could proceed with the booking.
Notice how the email is trying to lure my client in with a big promise of lots of work and therefore lots of money? Notice how anxious they are to send credit card details? And they want to send them via email, which is totally unsecure? And they’re asking about a POS (point of sale) terminal? And of course, the whole idea is a bit farfetched, someone is coming from the UK with 5 puppies and he wants them trained for several months to entertain his father at his birthday party?
Let’s imagine how a trick like this might work. They send a stolen credit card number for a huge amount of money because continuously training 5 puppies for three months is a huge endeavor. Then, maybe they cancel it, and ask for a refund. Now, if you send them a refund before you and your credit card processing company figure out it’s stolen, you’re out of the money. Or perhaps they send the credit card, but it doesn’t work, and they they start asking you for your bank information to wire you the money….see how this works? I am guessing here, but you get my point. Use common sense.
So be very, very wary of emails that sound like these two. Remember the warning signs: you are bcc’d on the email, it’s addressed to someone else, they ask for things related to your business – but the requests don’t make sense, the emails start off with a formal greeting, and are badly written. It’s weird that these both came in on the same day!
Be careful out there!Jill
Aldebaran Web Design, Seattle
Jill Olkoski has a BS in Engineering, a BS in Computer Science and an MA in Clinical Psychology. She delights in using her advanced technical and psychological skills to help small business owners develop cost-effective and successful websites.