A couple of days ago, I received an email which appeared to be from a friend who lives just a few blocks away.
The subject line: “Need A Favor !!!”
A brief message followed:
Hi,
I hope you are well. I need quick assistance from you I’d appreciate it if you could email me back when you get this.
Thank you!
It didn’t take me too long to confirm my suspicion that it was a scam. I later learned that if you responded, the scammer, still posing as a friend, asked you to buy and send one or more Apple iTunes gift cards.
Here’s how I confirmed it was a scam.
I first looked at the sender’s email address, and checked it against prior emails from my friend. The address was correct.
But the message was strange. It didn’t greet me by name, and wasn’t signed. And I couldn’t see what sort of favor my friend would want that she wouldn’t be able to just ask for directly.
So I took one simple step.
Find and click on the little upside-down triangle next to the email address at the top of the email. That opens a window with additional information. I’ve blacked out my friend’s name and email, but you’ll get the idea.
At the top, it showed my friend’s correct email address at aol.com as the source of the email (From), which was repeated below on the line labeled “To”.
But in between was the key line, labeled “Reply-to”.
The address there was a slightly changed from my friend’s address, and it was a gmail address instead of the original aol.
The subtle change in the reply to address was something like this (I’ll use a dummy address as an example).
Correct address: yourfriend@aol.com
As shown in “Reply-to”: yourffriennd@gmail.com.
If you weren’t expecting anything, you might not notice the reply-to address was different from my friend’s actual email address.
But the subtle change showed replies would be going to a scammer who had set up that alternative email account.
So when things don’t look quite right, check closely. Protect yourself online.
Discover more from i L i n d
Subscribe to get the latest posts sent to your email.
Good advice. Scammers count on human nature — the desire to help coupled with a sense of urgency. It’s also helpful to look at the full headers.
Good point. I have not been scammed by email, but I do get phone calls from a man who claims to be my grandson. I just hang up, because my grandson is 9 years old, not a grown man.
Ian: another caution are the “links” sent to you by people on your email contacts. It is much easier to breach phones, I understand, so if your phone and emails are synchronized, your email list could be used to send you links, etc. Often people will open such links from a “friend” out of curiosity, and find they have opened the door to all of you messages, accounts, etc. The usual advise is to delete without responding.