Not so long ago, email spam seemed so obvious. “Buy Viagra” they shouted at me. If these emails weren’t already in my junk mail folder, I deleted them in a second. Unfortunately, spammers are getting smarter though. Recently there have been several messages either in my inbox or spam folder that seemed legit and have taken quite some time and attention to realise they are actually spam.
The biggest tip I can give here is NEVER click on a link in an email if you’re not positive it’s not spam. Another way spammers are getting smarter is using techniques like below just to get through your alert filters long enough to make you click on a link that could potentially download malware onto your computer.
Read on for four examples and five top tips to stay one step ahead of the spammers!
1. ANZ Banking spam
I was an ANZ (Australian & New Zealand Banking group) customer and have been since a child. Now living in the Netherlands, I actually shut this down before I relocated. I realised though, when scanning my emails, that having banked with ANZ for so long, this email got my attention. It was in my spam folder, but I check this regularly as my gmail filters can often be over-aggressive.
Why is it smart spamming? Online banking has become the norm for many and it’s not unfeasible to expect an email in your inbox from your bank. Our bank accounts are literally one of our most valuable assets so any “notification” of a threat to this is likely to get our attention.
How did I know for sure it was spam? Firstly the language is not that of a large national bank, secondly I remembered I’m not actually a customer anymore! Finally that email address is typical of spam (see the .kz at the end? I doubt an Australian bank would be using a Kazakhstan email domain!)
2. WhatsApp Message Spam
WhatsApp is a fast-growing app that I now use daily. When I first saw this email my first thought was “cool, WhatsApp now has voice messages!”. Again, this was already in my spam folder which made me cautious.
Why is it smart spamming? Playing on the popularity of a new app and the fact that people may not yet know exactly what features are available and how it works.
How did I know for sure it was spam? Immediately I noticed there was no branding. The spammers have attempted to use a similar green colour to the brand but if this was a true message from the company, they would be highly likely to use their logo. Then I googled to see if WhatsApp has voice messaging – which they do, but it’s delivered within the app, not via email. Finally, again look at that email address it’s coming from.
4. SEO Services Spam
Any website owner will no doubt be familiar with the steady stream of SEO services spam. They are getting smarter though. Originally, I registered this domain (zestee.com) in Australia and am myself an Australian.
Why is it smart spamming? It is personal and could almost pass as a professional and polite email from an Australian organisation. If I was to engage an SEO specialist, I may be more open to getting a no-obligation quote as they promise. It looks to be a large and reputable organisation at a glance at this email. However there are some telltale signs.
How did I know for sure it was spam? Again, look at that email address, not what you would expect from a professional organisation. Secondly, I searched for Morris Rauben on LinkedIn. A director of a large SEO organisation would be there, right? Wrong:
In fact, if you type the address of the “Melbourne Office” into Google, see the results screenshot below:
So first up you get this article about it being a spam message from India. There are no links in this email to click so it’s not a malware risk, however by replying to “get more information” you would confirm to them that your email address is valid.
4. Domain Name Spam
WhatsApp is a fast-growing app that I now use daily. When I first saw this email my first thought was “cool, WhatsApp now has voice messages!”. Again, this was already in my spam folder which made me cautious.
Why is it smart spamming? I recently transferred my domain name ownership for http://www.cultureandkids.com from Hostgator to GoDaddy. Therefore it was still fresh in my mind and I thought that something may have gone wrong with my payment. This email looks official and has all my details – however these are available on a public register for those who own domains.
How did I know for sure it was spam? I read through this a few times and still wasn’t sure. I logged into my domain account – NOT by clicking any links in the spam email – and my domain name is current through until 2016. So I emailed GoDaddy and attached a copy. Here is their response below.
So as you can see via these examples, unfortunately spammers are getting smarter. My five top tips are:
- Set up aggressive email spam filters
- Protect your email address as much as possible – for example, use a contact form on your website rather than listing your email address publicly
- Look for telltale signs of potential spam as I’ve shown in these examples
- Use Google to research and confirm elements of emails you’re not too sure about
- Never click on links in emails unless you are positive you know they are coming from a reputable source
Have you encountered any smart spam messages? I’d love to hear about them in a comment below!
Renee
Zestee 