Posted by: TAZ Networks on July 10, 2020 at 8:00 am
Every so often, it’s fun to do a scam email breakdown, to show you what to look for so you don’t lose money, time, or data to hackers.
Take a look at the screenshot of the email hackers sent to Heather last month. We’ve marked it up to use as the basis for today’s lesson in how to spot a scam email.
First up, we have the sender’s email address (underlined). Tavis Patterson is indeed the boss here, but he does not use mailbox.org for his email. So, the “from” email is our first solid clue that this is a scam.
The rest may be a little bit tricky, and really requires you to know your boss, and the business processes. Let’s walk through these more subtle clues:
- Subject line. This was Heather’s first clue, even in her inbox. Tavis sends out staff bonuses at the end of the year, not in July. Also, the grammar is a bit wonky. (Employee Bonus? Employee Bonuses? Employees’ Bonuses?) However, anyone can make a typo, and perhaps an additional bonus was in the offing? Keep in mind: many email scammers use current events to grab their targets’ attention. Therefore, be extra cautious right now for subject lines around COVID-19 and coronavirus.
- Language. The whole message just felt off. While Tavis tries to accommodate our daily work, if he needs something done, he just asks in a straightforward way. He doesn’t apologize for bothering us or ask us if we can help. He just tells us what he needs and when he needs it done. (Which is fine!) Knowing your company’s processes can help prevent falling for scam emails.
- Grammar. Tavis knows to start a sentence with a capital letter and end with a period, and keep one sentence on one line. That may not be everyone’s style, but pretty much everyone does have a style. (Heather likes rambling paragraphs and lots of bullet points, for example.) Getting to know your boss and how they communicate can be an excellent tool for preventing scams.
- Signature. There isn’t one. Tavis has his email signature set up on all his devices and uses it with every email he sends, whether from his desk or on the road. Does your company set up and use consistent email signatures? This can be another tool in your fight against scammers.
This email was a bit different than a lot of the scams we get, because it really requires you to know your boss and your business. If an unsuspecting worker replied back to the scammers, they could have been directed to purchase gift cards, send staff W-2 information, or worse.
When was the last time your IT company looked at your email filtering and security? Make your appointment with TAZ Networks today.