Two similar scam messages have arrived in the last day, they might fool some people and certainly don’t get caught by Microsoft Outlook’s spam filter. In this article we’ll look at both these bogus emails as examples of some things to be wary of
Here’s the two messages. The first promises Skype updates which can be enticing.
Outlook has blocked the download of linked images, the default action. The formatting looks fairly professional and the spelling correct except for ‘Copy rights’ as two words.
The second message is supposed to come from Adobe with an upgrade to the PDF reader.
This message as in plain text and so isn’t as well formatted.
Both messages are left in your Inbox by the latest version of the Outlook Junk email filter but should look suspicious to any regular email user. Here’s the tell-tale signs that should raise a ‘red flag’ in your mind:
- The domain name doesn’t match the common site for that company. Eg skype-upgrade.com instead of skype.com . Always check the actual link offered by any email, if you’re not sure go to the known web site for that company rather than the link in the email. That especially applies to banks.
- You don’t normally get emails about updates for either Skype or Adobe Acrobat (both will prompt you within the programs if there’s an update).
- The ‘PDF’ email is in plain text which isn’t likely from a company like Adobe.
- It’s possible that your email address isn’t known to that company. For example you might have a Skype account but not linked to the address used by the email. Or you haven’t registered your PDF viewer with Adobe so why/how are they emailing you.
Checking the domains
If you’re uncertain about the validity of an email, you can check the domain in the email to see if its registered to the right company.
Start at http://www.internic.net/whois.html which will tell you the domain registrar for a particular domain name. For both of these domains (skype-upgrade.com and pdf-adobe-upgrade.com ) were registered by a Russian domain registrar which is another ‘red flag’ suggesting that the domains are bogus.
Checking the domain registrar WhoIs details (see below) shows that both domains are registered to a person, not a company, with the same address in New York. Neither are registered to the right company (Skype or Adobe) nor do they use the standard corporate address. The fact that the domain owner is the same person confirms the suspicion that the emails are different versions of the same scam.
Google Maps tells us what you’d expect from scam emails – the physical address on the domain registration (820 Parkway St, New York, 10024) is bogus. There is no ‘Parkway St’ in New York (only Parkway Ct, Parkway Dr and Parkway N).
The contact phone number (800 380920) has only 6 digits after the prefix instead of the necessary 7.
Furthermore the domains were only created in the last few days (12 and 13 September 2010).
If you weren’t sure before, the nature of the domain registration should be enough to convince you to ignore the emails.
Source: https://www.nic.ru/whois/?query=pdf-adobe-upgrade.com as at 13 Sept 2010 at 7:32am UTC
Source: https://www.nic.ru/whois/?query=SKYPE-UPGRADE.COM as at 13 Sept 2010 at 7:32am UTC
Article posted: Monday, 13 September 2010
there's more ...
If you liked this article you'll LOVE our new ebooks.
Windows 8 for Microsoft Office users A practical guide the new, changed and unfamiliar in Windows 8
A focused and unvarnished look at Windows 8, especially written for
the many people who use Microsoft Office Get it today
- click here.
ORGANIZING OUTLOOK EMAIL - tame your Outlook 2010 Inbox
100+ pages of practical tips and help to streamline,
automate and search your Inbox. Get more
than you ever thought possible from Outlook. Read it today
- click here.