It’s Halloween time again so I thought I’d mention Halloween Spoofs! Well, actually email spoofing happens year round.
An example of spoofing is when emails are sent that are addressed from you (and maybe to you) but you didn’t send them. In that case your address has been “spoofed”.
Spammers and scammers alike do this. There are a couple reasons it’s done.
Sometimes it is malicious. Let’s say someone goes onto numerous websites to sign up for information as XYZ Company. So a ton of spam is sent to XYZ. XYZ finds itself barraged with email and phone spam – wasting lots of their time.
More often XYZ is spoofed to appear to be the sender of spam. Folks local to XYZ are more likely to open the spoofed emails. The spam really isn’t from XYZ – just made to look like it is. So recipients think XYZ is spamming them. They’re annoyed with XYZ and report them as spammers and complain and so on.
Fortunately, spoofing doesn’t account for most Internet issues. It just makes life miserable for XYZ – the target – for a while.
The good news is that usually spoofing usually only lasts a few days. The actual sending server is identified and blocked or shut down.
Always report these issues to your email administrator. Early intervention saves lots of headaches in the long term.
When working in the web world as I do, Internet scams appear to be everywhere.
Phishing is defined as the act of attempting to trick the recipient of a malicious email into opening and engaging with it.
It’s amazing how people fall for phishing scams. They fall for them mostly because the emails are designed to appear like the writer isn’t too bright. So immediately the recipient thinks they have the upper hand. Many count on the recipient’s greed – believing they’ll get something for nothing.
The bad guys that develop these schemes are experts. All they do is work scams – day and night. They wouldn’t continue if it didn’t pay off in the long run.
I read someplace that billions of dollars annually are conned out of people through the various scams out there on the Internet. For the most part – I hate to say – they can’t be stopped. They are sent from all types of email addresses, all types of servers, from all over the world.
Bottom line is that you should keep deleting them. The best course of action is to stop responding to them and opening them. Report them as spam or report them as phishing attempts. Your email provider may provide insight with how to do this. They will ultimately stop coming.
Remember that if the bad guys can’t trick you into parting with your money they will focus on someone else – until they find someone who does. Just don’t be that someone.
We had intended to continue weekly with our web developer checklist. However, this week we’re presenting this post because so many people are receiving these bogus scam messages trying to trick them into paying an extortion.
This scam we mentioned quite a while ago. It has continued to pick up steam – plowing its way through every part of the Internet. It IS a SCAM. Do NOT pay it. We’ve had numerous people contact us that they are receiving such messages.
Here is is below in English and Chinese:
You may have noticed that I sent an email from your account.
This means I have full access to your device.
I have been watching it for a few months.
The truth is that you are infected with malware through an adult website you have visited.
If you are not familiar with this, I will explain.
I created high quality spyware. It allows me to gain full access and control over your device.
This means I can see everything on the screen, turn on the camera and microphone, but you don’t know.
I can also access all your contacts and all communications.
Why is your antivirus software not detecting malware?
Answer: My malware uses the driver, I update the signature every 4 hours so that your anti-virus software is silent.
I made a video showing how you can satisfy yourself in the left half of the screen, and in the right half you will see the video you watched.
One Key! All of your contacts in email and social networks will receive this video! Your life will change forever!
I can also post access to all email communications and messengers you use.
If you want to stop this ʌ
Transfer the $362 amount to my bitcoin address (if you don’t know how to do this, please write to Google: “Buy Bitcoin”).
My bitcoin address (BTC wallet) is: *********************************
After receiving the payment, I will delete the video and you will never hear my voice again.
I will give you 50 hours (more than 2 days) to pay.
I received a notification from this letter and the timer will work when you see the letter.
It doesn’t make sense to file a complaint somewhere because it can’t be tracked like my Bitcoin address.
I have not made any mistakes.
If I find that you shared this message with others, the video will be distributed immediately.
Good luck, goodbye!
一键！ 您在电子邮件和社交网络中的所有联系人都将收到此视频！ 你的生活将永远改变！
AND IT IS IN MANY OTHER LANGUAGES AS WELL!
Whether face to face or on the web, there’s only one chance to make a first impression. This short checklist contains “must haves” for a website. It’s unbelievable to leave them off a website. We’ve seen web developers as well as web do-it-yourselfers not provide the following.
Phone number – You’ve lost credibility right away if there is no phone number. Many people – yes even today – understand that talking actually accomplishes more faster.
Contact email – We recommend posting an email address. Some use forms keeping email hidden. Forms are easily “spammed” making more work.
Business location – Tell visitors at least what city you’re in. Customers wanting to deal locally appreciate this.
Hours of operation – Whether you expect foot traffic or take appointments, there’s nothing worse than guessing whether you’re open or not.
Who to deal with – Let visitors know who they can deal with. Staff shrouded in anonymity don’t appear helpful.
Aesthetics – Websites should appear clear and organized. Visitors expect some things in certain places – like navigation. Make it easy find items/topics and get around the site.
Website success happens by building visitors’ confidence in your business. Providing as much information as possible will help immensely with this process. Contact your web services provider for assistance. They, just like we at CharlesWorks, should be there to help.
Last week I wrote about possible dangers of “FREE” offerings.
While verbiage varies, the end result is the same if you follow their link: headaches of an unimaginable magnitude for you!
Here’s an example of many I see each day in our company emails:
Dear firstname.lastname@example.org ,
Your mailbox quota is full.
This may cause your mailbox to be disabled or you may no longer be able to receive more emails
to continue using your mailbox. You will need to upgrade your mailbox quota immediately. This service is free.
Re-update your account
Note: Failure to update your account might lead to permanent deactivation of your account.
The Security team. 2019
Clicking lands you on an extremely convincing page. One wanting me to enter my email login information even had “© 2018 CharlesWorks” in it.
These work based on two principles: Offering the FREE “we’ll fix it” service and threat of imminent services loss. Together they convince you to bite. Especially that sense of urgency! Remember the world isn’t going to halt if you don’t act right away – it can wait until you deal with it properly.
Companies don’t have you “verify” your email account this way. If anything seems fishy concerning your email, call your email provider and ask for assistance. That’s what you pay them for!