Recognizing Online Spam Attempts3 min readMay 30, 2019
Spamming attempts are varied and plentiful through the many technological advances we use today. We utilize technology in many ways and spammers are using the same technologies to trick users into giving away money and personal information. This makes it difficult to determine what is legitimate or not. There is one saying we use in technology: “if it seems too good to be true, it probably is.”
Many spammers will use emails attempting to get more information to use against you. Watch out for odd or spoofed emails. If the email looks suspicious or too good to be true, take caution as it probably is. If you’re unsure about an email it is better to not open and ignore it than to respond. Do not provide any personal information through emails from businesses or someone you do not have a validated relationship with. Legitimate businesses never will ask for personal information through an email as these businesses are also trying to provide methods to protect your identity.
The most common method of spoofing is changing the name or text of email addresses or link text. Spammers will use link text (what is visible to the user and easily changed) to make you think that it is legitimate; however, if you check the actual link, it will be a different location or email address. Most browsers and email clients have a status bar on the bottom that shows the actual URL or email address as you hover over links. If the actual link or email address does not have the company’s domain, then this is most likely a spoofing attempt.
There are many marketplace sites where you can post items to sell. Spammers will message you directly to utilize a person-to-person transaction by getting personal emails or phone numbers. In this way, you and the spammer can “settle” without using the marketplace site.
Here is a scenario from an actual spamming attempt. My daughter posted her prom dress on a marketplace site. A spammer contacted her through the site, asking her to contact them directly via texting. They exchanged information and promised that they would send a check directly in return of her sending the dress. The spammer then notified my daughter that the check sent had an incorrect amount so a check with the difference should be included with the dress. Note that everything was “urgent” and the spammer instructed her to use FedEx next-day shipping.
When we received the check from the spammer, it was $1,100 more than the dress price. We recognized this as a scam and had the bank validate the check; it was not a valid check. With today’s technology, it would have been easy to scan the check using the bank app to deposit the phony check, write a new check to the spammer, and send the dress and check with the “difference” the same day. It would take a couple days for the bank to discover that this is an invalid check, which would have resulted in the loss of the dress and the $1,100.
Reputable marketplace sites try to make it safe for the sellers and buyers if you use their site for all communications and transactions. For your protection, it’s best to utilize what reputable sites have to offer.
Fake accounts in social media are also growing, displaying links to spoofing websites or using methods to trick people in some way to gather personal information. Just as with email spoofing, take caution and validate any links displayed and question the content if the wording or appearance sounds odd. Spammers will hijack personal accounts to gain personal information or money. It is best to validate anyone asking personal details using another method of communication to validate the content.
If you confirm a spamming attempt, report the issue immediately. Companies like Facebook and Twitter have links to report spams and investigate shutting down the invalid accounts. By reporting, you could save someone else from being spammed.