Why E-Mail Fraud Still Works

Why E-Mail Fraud Still Works

Yahoo! became the latest internet giant to suffer a data breach and is expected to disclose the extent of the leak this week. According to CNN.com, 500 hundred million user accounts were compromised, meaning Yahoo! e-mail users if not already, are about to receive a barrage of requests and legitimate-looking proposals for their personal information.

The breach now also has consequences for Verizon, which recently purchased Yahoo! for $4.8 billion.

Hundreds of millions of Yahoo! e-mails have appeared for sale on the dark web, one hacker looking to sell 200,000 e-mail addresses for $1,800. In fact, anyone can purchase 1,000 e-mail addresses for as little as $5.

E-mail fraud was a significant topic of conversation Tuesday at the Kount Fraud 360 World Tour in Boston, which featured several expert keynote speakers.

So why is e-mail fraud still so popular?

Remember That Episode of The Office?

Speaking of e-mail scams, we’re reminded of a classic Michael Scott line from an episode of The Office titled ‘Michael’s Birthday’ (Season 2, episode 19):

“You know what, Toby? When the son of the deposed king of Nigeria e-mails you directly asking for help, you help. His father ran the friggin’ country, OK?!”

Michael’s naivete is both funny and sad at the same time.

Fraudulent E-Mails Still Pay

Fraudsters will purchase 5,000 e-mail addresses for $20 simply because out of those 5,000, several naïve folks will turnover their personal information that a fraudster can turn into cash.

In fact, it’s not just Nigerian royalty looking to offload their fortunes for social security and bank account numbers anymore. Hackers are sending fraudulent e-mails remarkably similar to, for example, the e-mail templates of Federal Express, eBay or Amazon, taking advantage of unknowing consumers to solicit personal information.

Sadly, some consumers comply.

We Receive Fraudulent E-Mails Often

This very week I received an e-mail inquiry from ‘Rick’ from a company called Worldupay.com inviting Instabill to partner with his company for payment processing solutions.

Fortunately, we’ve become adept at spotting an e-mail scam and the red flags were apparent:

  • Rick’s name appeared in Chinese in the sender window.
  • His e-mail message describing his company read as if it was cut and pasted from a legitimate payment processor website.
  • There were grammatical and punctuation errors. A legitimate payments provider never would have allowed such a flawed proposal to be released.
  • There were links in his e-mail, including one to the WorldUPay website that I dared not click. Instead, I keystroked the web address into my browser – it doesn’t exist.
  • There was no phone number in his e-mail.
  • And why was Rick e-mailing me? I’m merely the Senior Copywriter.

Again, however, a consumer or employee at any company may not have recognized this e-mail as fraudulent.

What Merchants Can Do With Fraudulent E-Mails

The fact that such an e-mail was sent unsolicited is a red flag in itself. Read it thoroughly and identify what they’re asking.

  • Are there spelling errors?
  • Does the text contain different fonts, sizes or colors?
  • Are you the appropriate recipient?
  • Is there a telephone number to call?

Perhaps the fraudster is not requesting information this time, but may in a second or third e-mail.

If you feel the e-mail was fraudulent, file it in your junk mail folder, which also contains the option to block further e-mails from this sender.

One Review on Why E-Mail Fraud Still Works

    Thank you for this article! I actually got an e-mail from same “company”. Given that it was sent to correct recipient in my case (I do work within same business area) – I almost fell for it 🙁

Leave a Reply

Your email address will not be published. Required fields are marked *