In this article we’ll discuss:
Our current era of cyber-infiltration has reached new heights in the realm of account hijacking, money scams, and fraudulent claims. Many of our clients—and even ourselves—have received recent emails directing recipients to download necessary services, purchase gift cards, repurchase a domain, pay an invoice, or send money orders at the most irregular of times. Some may even proclaim alleged copyright infringement from videos, images, or extraneous material we know to be licensed and legitimate.
So how do we spot the difference between the real and the fake? Let’s start with some key differences between spam and phishing scams.
Not to be confused with phishing scams, spam takes the form of unsolicited services and bulky advertisements amid piles of unopened marketing ploys in our inboxes or junk folders. Alas, we’ve never subscribed to any of these irrelevant services or websites, so why are we receiving such content?
Our email addresses are scanned hundreds of times a day, some through form submissions, some from data collection bots known as “harvesters” which store and solicit your information. Advertisers and spammers can pay to have bulk emails sent to thousands of accounts for a fraction of the price of normal marketing tactics, hence the ever-lingering use of spam.
The far more dangerous form of unwarranted solicitation, phishing scams seek susceptible individuals or companies to click malicious links, download harmful files, or send convoluted money orders to obscure locations or links. Many now demand payment for copyrighted materials or unpaid domain registration fees. This should be the first sign of ill intent.
Falling prey to these schemes can provide scammers access to your most sensitive information from your social security number, bank account information, and account data from your most visited platforms. This form of cyber sabotage is continually evolving as individuals become more savvy to their tactics, but can be spotted in some of these common signs:
Domain phishing is currently one of the most widely circulated forms of phishing, targeted largely toward new websites. Many of our clients have contacted us—especially within the first few weeks of their website going live—of emails claiming their domain is in need of resubscription at a new and unknown domain registry site—OR ELSE. Although common, these emails can trigger unsuspecting victims into clicking malicious links or sending high-dollar payments to scammers.
One of our own employees provided the following example of a domain phishing email they received within the past year:
You may also receive physical letters mailed to your business or home address from “US Domain Authority” or other such organizations that try to get you to pay a couple hundred dollars to switch your domain over to them. These are not bills, and you shouldn’t ever send money to a “domain authority” unless you are certain your domain is registered with them. If you’re ever unsure about such messages, contact your website developer. But more often than not (like 99.9% of the time) these are phishing scams to get your money.
Enacted in the United States in 1998, the Digital Millennium Copyright Act (DMCA) sought to criminalize the misuse of copyrighted materials in the form of technology, devices, or services. Scammers across the web have taken advantage of misinforming individuals and companies of their unlawful use of copyrighted materials at the consequence of thousands of dollars.
You may receive an email that has a script similar to the following:
Hi there! My name is Jennifer.
Your website or a website that your organization hosts is infringing on a copyright protected images owned by myself. Check out this report with the URLs to my images you used at www.yourdomainname.com and my previous publications to get the proof of my copyrights. Download it right now and check this out for yourself: (insert spammy link here)
I really believe you have willfully infringed my legal rights under 17 U.S.C. Section 101 et seq. and could possibly be liable for statutory damage of up to $150,000 as set-forth in Section 504 (c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.
This message is official notice. I seek the removal of the infringing materials referenced above. Please take note as a company, the Digital Millennium Copyright Act demands you, to eliminate or disable access to the copyrighted content upon receipt of this notice. In case you do not cease the utilization of the above mentioned infringing content a court action can be started against you. I have a good self-belief that use of the copyrighted materials mentioned above as presumably violating is not approved by the legal copyright owner, its legal agent, as well as legislation. I swear, under consequence of perjury, that the information in this notification is correct and that I am the copyright owner or am permitted to act on behalf of the proprietor of an exclusive right that is presumably infringed.
Regards, Jennifer Connolly 06/09/2021
This fraudulent assertion of misused copyrighted materials can alarm even the most informed techies and business owners. You may have even begun to scour your own websites in search of images or media that warrant the claim. But fear not, receiving such an email is red flag number one, as any valid claim is served and upheld by lawyers and legal professionals, not an email submission form from your website or spam inbox.
The email you received will likely direct you with a link to examine the content believed to be unlawfully used. This is your red flag number two, as this link is likely a pathway to malware or harmful materials used to hijack your information. Always refrain from the impulse to click these links if you’re ever uncertain of the source. Your online security is worth more than the cost of curiosity.
A new scam targeting business owners is making the rounds. Scammers are misleading businesses and overpaying/using stolen credit cards in a money-laundering scheme. These scammers may message or email business owners through their website or Google Messages, maybe even through social media, to inquire about services. They'll say anything they can to avoid speaking on the phone or in person. Possible excuses may be a hearing impairment or recent surgery (see our example below).
Here's how the scam works according to news-journal.com: Business owners report receiving an inquiry via text or email from someone who claims to be hearing impaired and in need of their services. The first communication inquires whether the business accepts credit cards. Once the business responds, the scammer overpays for the service/product, then requests a partial refund via wire transfer. Soon after, the transaction is discovered to be fraudulent and the original credit card payment is charged back to the business owner.
To avoid this scam:
Of course we should always be sensitive to anyone with an actual hearing impairment or other disability, so while these red flags are important to look for, don’t immediately turn someone away if they say they are hearing impaired.
Unfortunately, we’ll likely always be plagued by some form of spam, scam, or scheme wherever a quick buck can be made. This isn’t to say, however, that protections don’t exist to deter the onslaught of fraudulent activity across the web.
Our services offer domain renewals, management, and spam filtering services along with our web development and SEO expertise. We even supply software to detect and remove suspicious behaviors from online submissions.
Built-in to our Umbraco content management system (CMS) and digital marketing services comes Akismet, a spam-filtering service capable of detecting and deterring spam-based comments, emails, and submission form messages. Many of our clients have agreed the few extra dollars a month for a licensed version has provided peace of mind, while alleviating hundreds of fraudulent emails a month.
Features like Akismet, and the ability to detect phishing scams when they arise, can help keep your information secure and discrete. If you’re ever uncertain of the content you’ve received, don’t click the link! Give us a call for an assessment on how we can provide the security and management your website deserves.