• Corey

Never Click on a Link or Download a File Sent to you via Unsolicited Email

Updated: Nov 23, 2020


Here is just one of hundreds of recent articles I could post, that warn you to not click on unsolicited documents or web links sent to you via email or text messages: “Warning: Fake package notification could be dangerous malware”: http://clark.com/scams-rip-offs/warning-about-fake-package-delivery-email-scam/

Just a little reminder that you should NEVER click on a link or download something sent to you as an *unsolicited* email from a company, no matter how legitimate it may appear! (Even if it IS legitimate, you probably still should not click on it.) If you get an email informing you about fantastic news, or dire results, or any other kind of information, that tells you to click on this link, or download this file, etc., just DON’T do it! Instead, open up a web-browser and go to the company's website as you normally would. If there are messages for you, then they will be on the corresponding website. You can always contact the support for the company (or send them the email) to ask if it is real.

(NOTE: This does not hold true if you are the one to ask a company for some information, and a few minutes later you get an email from them. This would not be an "unsolicited" email, but initiated by you.)


For example, here is one of the better scams I have seen recently, although I regularly see pretty convincing ones from Apple, PayPal, Netflix, etc.

[start email]

-------------------------------------------------------------------------------------------

From: Amazon Prime <VBm2dNo0rQhuyMv-HTk6w7wEkKudRE8g@fjkCVxXC-78122346[.]com> Sent: Thursday, November 19, 2020 4:15 AM To: <myname>@yahoo.com Subject: 𝖯𝗋𝗂𝗆𝖾𝖬𝖾𝗆𝖻𝖾𝗋𝗌𝗁𝗂𝗉: [𝖯𝖺𝗒𝗆𝖾𝗇𝗍𝖿𝖺𝗂𝗅𝖾𝖽] 𝗒𝗈𝗎𝗋𝖼𝖺𝗋𝖽𝗁𝖺𝗌𝗇𝗈𝗍𝖺𝖼𝖼𝖾𝗉𝗍𝖾𝖽. (Ref - 223396140175) Importance: High

Dear <myname>@yahoo.com .

𝗗𝗲𝘁𝗮𝗶𝗹 # 𝟭𝟭𝟮-𝟳𝟵𝟲𝟬𝟲𝟲𝟵-𝟯𝟴𝟮𝟵𝟴𝟰𝟮

Renewal Failed !!!


𝗬𝗼𝘂𝗿 𝗣𝗿𝗶𝗺𝗲 𝗠𝗲𝗺𝗯𝗲𝗿𝘀𝗵𝗶𝗽 𝗶𝘀 𝘀𝗲𝘁 𝘁𝗼 𝗿𝗲𝗻𝗲𝘄 𝗼𝗻 𝗡𝗼𝘃 𝟭𝟴 𝟮𝟬𝟮𝟬


𝖶𝖾'𝗏𝖾 𝗇𝗈𝗍𝗂𝖼𝖾𝖽 𝗁𝖺𝗍 𝗍𝗁𝖾 𝖻𝗂𝗅𝗅𝗂𝗇𝗀 𝖺𝗌𝗌𝗈𝖼𝗂𝖺𝗍𝖾𝖽 𝗐𝗂𝗍𝗁 𝗒𝗈𝗎𝗋 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝗂𝗌 𝗇𝗈 𝗅𝗈𝗇𝗀𝖾𝗋 𝗏𝖺𝗅𝗂𝖽. 𝖳𝗈 𝖴𝗉𝖽𝖺𝗍𝖾 𝗍𝗁𝖾 𝖽𝖾𝖿𝖺𝗎𝗅𝗍 𝖼𝖺𝗋𝖽 𝗈𝗋 𝖼𝗁𝗈𝗈𝗌𝖾 𝗇𝖾𝗐 𝗈𝗇𝖾 𝖿𝗈𝗋 𝗒𝗈𝗎𝗋 𝖬𝖾𝗆𝖻𝖾𝗋𝗌𝗁𝗂𝗉, 𝗉𝗅𝖾𝖺𝗌𝖾 𝗎𝗌𝖾 𝗍𝗁𝗂𝗌 𝗅𝗂𝗇𝗄𝗈𝗋 𝖼𝗅𝗂𝖼𝗄 𝗈𝗇 𝗍𝗁𝖾 𝖻𝗎𝗍𝗍𝗈𝗇 𝖻𝖾𝗅𝗅𝗈𝗐 𝖺𝗇𝖽 𝖿𝗈𝗅𝗅𝗈𝗐 𝗍𝗁𝖾 𝗈𝗇𝖾 𝗌𝖼𝗋𝖾𝖾𝗇 𝗂𝗇𝗌𝗍𝗋𝗎𝖼𝗍𝗂𝗈𝗇𝗌.

𝖳𝗈 𝗉𝗋𝖾𝗏𝖾𝗇𝗍 𝖨𝗇𝗍𝖾𝗋𝗋𝗎𝗉𝗍𝗂𝗈𝗇 𝗈𝖿 𝗒𝗈𝗎𝗋 𝖻𝖾𝗇𝖾𝖿𝗂𝗍𝗌, 𝗐𝖾 𝗐𝗂𝗅𝗅 𝗍𝗋𝗒 𝖼𝗁𝖺𝗋𝗀𝗂𝗇𝗀 𝗈𝗍𝗁𝖾𝗋 𝖺𝖼𝗍𝗂𝗏𝖾 𝖼𝖺𝗋𝖽𝗌 𝖺𝗌𝗌𝗈𝖼𝗂𝖺𝗍𝖾𝖽 𝗐𝗂𝗍𝗁 𝗒𝗈𝗎𝗋 𝖺𝖼𝖼𝗈𝗎𝗇𝗍. 𝖠𝗇𝖽 𝗂𝖿 𝗐𝖾 𝖼𝖺𝗇'𝗍 𝗉𝗋𝗈𝖼𝖾𝗌𝗌 𝗍𝗁𝖾 𝖼𝗁𝖺𝗋𝗀𝖾 𝗈𝖿 𝗒𝗈𝗎𝗋 𝗆𝖾𝗆𝖻𝖾𝗋𝗌𝗁𝗂𝗉 𝖿𝖾𝖾, 𝖸𝗈𝗎𝗋 𝖯𝗋𝗂𝗆𝖾 𝖻𝖾𝗇𝖾𝖿𝗂𝗍𝗌 𝗐𝗂𝗅𝗅 𝖻𝖾 𝗌𝗎𝗌𝗉𝖾𝗇𝖽𝖾𝖽


Update your account immediately and keep it safe.

Need Help ?

Sincerely

Amazon Prime Service

Don't want to receive emails from us? Just click here.

--------------------------------------------------------------------------------------------------------

[end email]


There are a number of items that show this is a scam.


(1) Even though the email says it is from “Amazon Prime,” if you look at the actual “from” address, it is from “<random-characters>@<random-characters>.com. (You might not be able to see that easily from your email program, but knowing how to see the actual sending email address is important.) Will Amazon really send an email from that kind of address? No. It would be from <something>@amazon.com


(2) Then there are a number of misspellings/grammar issues. But even without those, I still would not believe it.


(3) If you hover over the graphic that says, “Update my payment” in the original email, you see this URL (website link): [https]://www[.]google[.]com/url?sa=D&q=[https]://mysp[.]ac/4jKp6&ust=1605870960000000&usg=AOvVaw1tUA05opxcatOoKAj7vqby&hl=?userid=P9VtRnIJ (NOTE: I edited it so it would not be an active link.) – Would Amazon send you to “google.com” or “mysp.ac”? No.


(4) Also notice another [relatively] new method for scamming people: at the very bottom there is a link that says, “Don't want to receive emails from us? Just click here.” Of course we don’t want to get these scam emails! But do you think they will honor your wishes? Only legitimate companies do so. The link there is the same one they posted above about updating your payment, as another way to scam you into clicking on that link and stealing your information.


NEVER CLICK ON A LINK FROM AN EMAIL UNLESS IT IS SOMETHING YOU HAVE INITIATED (e.g. asking for a password to be reset, etc.)


If you suspect that an email like this may be true, (and you don’t want an account to expire, want to check if a charge has been made, or an item has been ordered, etc.) then access your account as you normally would, like opening a browser/app, going to the site, and log in your normal way. Don’t believe those links in emails!!! :-)

7 views0 comments

© 2019 by Computer Security Northwest.  Created with Wix.com

  • LinkedIn Social Icon
  • facebook-square
  • Twitter Square