NinerNet Communications™
Blog

Corporate Blog

Compendium of scam emails

13 April 2021 09:26:41 +0000

Scam and “phishing” emails arrive daily by the truck load. We can’t send a warning every time we ourselves get a scam or phishing email. If we did, our own emails would become just noise in the background.

However, we present here eighteen screenshots of scam, spam and phishing emails that we have received or seen over the last four years. If you’re not sure what one of these emails look like, we encourage you to look these over. The approaches vary, but here are some common factors:

  • They advise you that your email account is over quota, and you must take some immediate action to prevent catastrophe — i.e., the loss of all your email.
  • Your email account is being closed or upgraded.
  • The webmail for your account is being upgraded, and you have to take action.
  • Your domain is being cancelled or expired within a few hours or a couple of days.
  • Payment for the renewal of your domain is overdue.
  • Wordy expiration notices that are unclear about what exactly is expiring and how it could theoretically affect you.
  • Domain SEO (search engine optimisation) notices made up to look like invoices for domain renewal.
  • Emails with links that disguise the true destination to which you are clicking. Always check the status bar in your email program or app — before you click, while hovering your mouse pointer over the link — to determine whether or not your browser will really be going to a domain you recognise — e.g., niner.net if you are a NinerNet Communications client.
  • Emails that try to sound like they come from your own company’s IT department, complete with copyright notices.
  • “Final” renewal notices that are a surprise.
  • Fine print at the end of the email that makes ludicrous statements that contradict the meat of the email, such as, “We do not directly register or renew domain names” or “THIS IS NOT A BILL” (in an email that looks like it’s a bill to renew your domain); “We have clearly mentioned the source mail-id of this email, also clearly mentioned our subject lines and they are in no way misleading” (in an email that tries to mislead you into paying what looks like an invoice).
  • Urgent server warnings, that aren’t urgent server warnings at all.

NinerNet Communications is judicious about how many emails we send out, and how often we do. We’re also careful to ensure that we use proper spelling and grammar. Our emails do not contain copyright notices and pages of meaningless legal notices. (Maybe they should, but currently they don’t. We’re real people who tend to believe that our clients are also real people with brains.) With that in mind, here is a non-exhaustive list of things you should look for to determine if an email you’ve received really is from NinerNet and if it’s legitimate:

  • Is it from an email address on the niner.net domain? (Configure your email program or app to show you the sender’s actual email address, not just their name.) If it’s not, it’s not from us and you can probably ignore it if it claims to be about your hosting or domain.
  • Does it try to scare you or make you angry, such that you might take immediate action? If it does, it’s definitely not from us.
  • Is it in HTML or “rich text”, with different colours and types of fonts, and does it contain images or things that look like buttons (especially that say “secure online payment”)? It’s very likely not from us.
  • Are there copyright notices in the email? Definitely not from us.
  • Does it flatter you with words such as “esteemed” or “valued”? Not from us. (You are esteemed and valued, for sure; we just don’t lay it on thick with you!)
  • Does the email address you by the name in your email address? For example, if your email address is accounts@example.com, does it address you as “accounts” as if that was your name? Not from us.
  • Does it ask for personal information or ask you to update or confirm personal information? Very likely not from us unless you’re a brand new client.
  • Look very carefully at the sender’s address. Does the font on your email program make some letters look like others? For example, if the sender looks like bob@example.com, are you sure his domain isn’t exarnple.com? With some fonts the “r” and the “n” together look like the “m” in “example”.

Of course, the above checklist can be applied to any email you receive, including emails that purport to be from your bank.

Attachments: Don’t open attachments from unknown senders or that you are not expecting, even from known senders. Also make sure you have anti-virus software installed.

Our automated notices telling you that your mail box is full, or close to it, are extremely brief and do not try to scare you or offer you links to “free upgrades” or anything like that.

If you click on a link in an email and enter information on a form — especially a password — and then realise that it’s a scam/phishing, immediately change that password. You should also contact NinerNet, or whoever that account is with, to inform them what has happened.

Finally, when we do send you an email to advise you of something that applies to all (or most) clients — such as server moves, upgrades, etc. — we include a link to our blog (blog.niner.net) so that you can confirm that information.

Below, then, are the eighteen screenshots of scam, spam and phishing emails. The first is particularly noteworthy, as it is a sexual blackmail/extortion scam that seeks payment via Bitcoin. It and similar emails will be the subject of our next blog post.

If you have any questions, please contact NinerNet support. Thank-you.

Sexual blackmail bitcoin email scam.

Sexual blackmail bitcoin email scam.

NinerNet home page

Subscriptions:

RSS icon. RSS

General Information:

This is the corporate blog of NinerNet Communications. It's where we post announcements, inform and educate our clients, and discuss issues related to the Internet (web and email) hosting business and all it entails. This includes concomitant industries and activities such as domain registration, SSL/TLS certificates, online back-up, virtual private servers (VPS), cloud hosting, etc. Please visit our main website for more information about us.

Search:

 

Recent Posts:

Archives:

Categories:

Tags:

accounts receivable apple billing branding cira contact information domain registration domain registry of canada domain renewals domains domain sales dot-ca domains dot-zm domains down time droc email encryption facebook google happy hosting customers hosting transfer icann invoices iphone kwacha maintenance paying your bill paying your invoice quarterly kwacha rate review rates registrar transfers reputation scams search engine optimisation search engine optimization security seo service hours spam ssl ssl/tls support transparency wordpress zamnet

Resources:

On NinerNet: