4+ Tips to Expose E-Mail Scams – Internet Scams Part I

November 5th, 2009 by

This is part one of a two-part series dedicated to protecting your information and/or money from deceitful individuals, online fraud and email scams.

Email fraud, Email scams


One November 1, 2009 a server upgrade will take place and your server be offline for about an hour. The changes will concern security, reliability and performance of the system as a whole. This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That’s all.


Thank you in advance for your attention to this matter and sorry for possible inconveniences.

– WestHost System Administrator

Does this sound familiar? This was taken from an actual message sent to our sales team (with the original link omitted) containing fraudulent information. I get messages daily requiring skeptical thought and often a thorough examination.

Recently I received an e-mail message encouraging me to boycott the new dollar coin claiming the government is “phasing God out of America” by removing ‘In God We Trust’ from the coin. I thought this seemed a little odd, so I looked at my favorite urban legend super-site, snopes.com. They provided additional pictures showing the classic motto engraved around the entire outer edge of the coin. Myth debunked!

If you’ve had your e-mail address for a few months you can likely relate to what I’ve written above. I’ll show you 4 ways to reduce your risk of being defrauded or tricked into providing personal information.

Four Ways to Avoid Being Caught by an E-mail Scam

Follow these four basic rules, and most of the risk of any e-mail message can be removed.

  1. Never click directly on a link in an e-mail message. Frequently, links will appear as www.yourbank.com, but in reality clicking the link will take you somewhere like scamsunlimited.somewheredark.ru/yourbank.com. You can eliminate this risk by typing, or pasting, the link into a search engine rather than directly clicking it. The search engine results page will display a little information about the page before you actually visit it.
  2. Never trust a message from somebody you are not familiar with. If you know you don’t have an account or profile with the entity that sent you the unsolicited email, don’t visit any link asking you to update your information, account, profile, etc.
  3. Judge the clarity of the message’s language. Almost every message attempting to steal information contains terrible spelling, bad grammar and is hard to follow. Remember that most large organizations have teams dedicated to create proficient messages and are highly unlikely to send a poorly written message.
  4. If you are suspicious of a message but don’t want to disregard something that might be important, call the company via telephone to determine if the message is real before taking any action; like giving out personal details. If suspicious, look up the telephone number – don’t assume the number in the suspect message is accurate!

E-Mail Hoax Resources

In addition to the basic security steps outlined above, the following sites are dedicated to debunking online scams and e-mail spoofs. It is best to visit and confirm the rumor with more that one source. Although the sources listed below are generally credible, there may be some bias in the answers given or not given.

  • Snopes.com
  • One of the best-known resources for validating and debunking urban legends, Internet rumors, e-mail forwards, etc. Use the search feature to find your specific issue. Founded by Barbara and David P. Mikkelson.

  • About.com: Urban Legends
  • Take the quiz to see how skilled you have become, receive tips and tricks and browse by topic. Maintained by David Emery.

  • TruthorFiction.com
  • Similar to other sources listed above, they provide information on eRumors, warnings, offers etc. Founded by Rich Buhler.

  • FactCheck.org
  • Go-to site for political issues. They monitor the factual accuracy of what is said by major U.S. political players in the form of TV ads, debates, speeches, interviews and news releases.

  • Internet Crime Compliant Center (IC3)
  • IC3 is a partnership of federal entities, FBI included, created to provide a resource for reporting Internet related crime and furthering research.

Let’s discuss, what do you do to sniff scams?

  • Share this post

7 Fun Web sites and an Excuse to Visit Them!

7 Steps to Minimize your Risk to Consumer Fraud – Internet Scams Part II


# 10th November, 2009

Thanks for the great post. I love snopes.com! I check everything fishy I get thru email against it. Also be aware of scams that have links like http://facebook.com.somedomain123.ru/page.html – people won’t recognize the subdomain and think since it starts with Facebook, it must be Facebook! In reality, it goes to somedomain123.ru.

Susan Byrtus
# 10th November, 2009

As a Certified Identity Theft Risk Management Specialist, I read your “Tips to Expose Email Scams” with great interest. Kudos to you and Westhost for educating the public!

There is much that the general public does NOT know about online security and more specifically, Identity Theft.

[message truncated]

Respectfully at your service,

Susan Byrtus, CITRMS

# 16th November, 2009

I’ve actually gotten emails from “WestHost” much like the one you posted. Pretty simple for me to detect they are scams. First off the From field even without looking at the Header is often not the standard one used by WestHost… Let’s hope WestHost stays consistent on that. A quick right click then looking at Options I can see the header of the email. A glance shows me I did not originate from WestHost.

I have seen an increase of Spams that simply use RE: Or FWD: without any other text for the subject… Come on spammers if it was really an RE or FWD it would have the text of the original subject after it.

You mentioned this in the blog post but I wanted to repeat it here. Do not click on links in such emails. If you have an account with our bank then use the URL you have bookmarked for them or type it in. You got it when you signed up with them and I doubt it is going to change.

Jake Neeley
# 16th November, 2009

I agree with you all, there is much to be learned in this arena and needs to be visited periodically due the changes tat occur almost every day. As technology advances so does a spammers ability to reach us.

Thanks again for the additional information

Shawn Sorrell
# 17th November, 2009

I’ve received this email quite a bit lately so thought it might be worth posting some details. This email contains a virus that is in the form of an attachment. The body contains something like the following

“We are contacting you in regards to an unusual activity that was identified in your mailbox. As a result, your mailbox has been deactivated. To restore your mailbox, you are required to extract and run the attached mailbox utility.

Best regards, mydomain.com technical support.”

The mydomain is always one of the domains I own. I am technical support for my domains so this one was easy for me to spot even if my anti virus program had not singled it out.

Drew Kopf
# 12th December, 2009

I find it helpful to have e-mails presented to me in text rather than in html format;I can’t see the images and fancy fonts but I can see the code that produces them. E-mails from real people are generally in straight text in my experience. Those I can read and deal with or delete. If its coded and something I want to access like a newsletter I like to read, it’s easy enough to click on an icon to see the page in a browser. That way I can sort real inquiries from solicitations and possibly evil seekers. Granted, the e-mails are dull and boring but they are usually safer and unoffensive looking too.

Jake Neeley
# 28th December, 2009

Shawn, thanks for this note. This is a common scam for those who have registered a domain. In addition a common scam I see is a letter stating that your domain is expiring and it needs to be renewed. In reality it is a company trying to steal your registration from your current registrar.