Anyone Getting "Realistic" Fake Emails?

  • Thread starter kyphysics
  • Start date
In summary, an e-mail that seems legitimate but has suspicious content (like the receipt number in the title example) can be a sign that your email has been hacked. Always be vigilant to the content of the email itself, and contact your bank or other relevant parties if there are any doubts.
  • #1
kyphysics
680
437
I'm not sure how to word this, so please forgive the title of the thread if it's not the best description.

So...over the last year or so, I've gotten emails that seemed legitimate, but that had something odd/suspicious about them and caused me not to open them. For example, I've gotten an email with "INVOICE" as the sender and then a receipt number in the title.

Another example is getting an email from a known company I've done business with, but having the email come out of the blue and have a weird title (it mentioned a renewal certificate). I actually called that company and they said they wouldn't have sent that and have never heard of the person whose name was listed as the sender.

I change my email passwords regularly, so I doubt someone has hacked my email account and is trying to send me fakes with the intention of getting me to open up some attachment that sends crazy malware or something like that. But, I just find these clever and disturbing. I was close to opening this one described above, but my gut sensed something was wrong. I called and am glad they said it wasn't them who sent it.

I guess my question is how on Earth would someone know to send such an email from someone I'd done business with in the past? Anyone get such "deep fake" emails? If so, how common have you found it to be?
 
Computer science news on Phys.org
  • #2
They send such e-mails to everyone. I've gotten lots of them from companies that I never have done business with (they seem to be often targeting Americans). They just need a couple to land in the right inboxes.

A good tip is to check if the e-mail is personalized. When I get e-mails from, e.g., Amazon or PayPal, they always know my real name.

Also, always check where the e-mail is really coming from. Sometimes, it is obvious,
1602148962912.png

sometimes, you have to look at the message headers to know exactly where the message come from.

A lot could be said about not clicking links in e-mails. I have even noticed that many legitimate e-mails no longer contain links. They simply tell you to go to the company's website.
 
  • Like
Likes davenn
  • #3
Best email practices of today’s companies and government organizations is to not provide a directly clickable link but instead direct the user to their site. Clickable links have two parts, the link address and some display text. Often the display text is either the company name or.it’s url.

However, bad actors may instead make the display text say one thing but the url to say something entirely different fooling the recipient. Now they suggest you type in the url and forego the convenience of a link.

Sadly, some companies haven’t gotten the best practices message and their emails look suspicious and should be rightly avoided by the end user. At work we routinely get valid yet suspicious messages that we question and have to verify before we can act. Some parts of our university have yet to adopt best practices.

An enduser best practice is to set your mail client to not render html in messages so you can look at where links really go and thus be less likely fooled by questionable links.
 
  • #4
That e-mail from the company you had done business with, all i takes is a little malware on one of the corporate machines and then they can access that company's e-mail server. From there its easy to find out who they have been receiving e-mails from and sending them to in order to make an e-mail seem more legitimate.

This is quite often these days, be vigilant to the e-mails themselves, not who they came from. Don't let it freak you out :)
 
  • #5
Just recently my wife got an email claiming to be our bank. It said that they had stopped a charge to her credit card and asked if it was a valid charge or not.
It immediately set off alarm bells. For one, she had signed up for text alerts, and had not received one on her phone, For another the Red and Green boxes that you were supposed to click for "yes" or "no" had some extra wording in them that I hadn't seen before ( we got an alert once on a valid charge which the bank thought might be iffy).
So we just logged on to our bank account the normal way, checked for alerts, and found none. We forwarded the E-mail to our bank's fraud department.
A few days later my wife got a notice from a company she had bought some stuff from that there had been a data breach, and some info had been leaked. Nothing vital, e-mail addresses, etc. It turned out this happened on the same day as she got the e-mail. So obviously it was an attempt to phish for more information.
 
  • Like
Likes Nik_2213
  • #6
Here's another example:

Paypal said I donated money to someone and gave me a receipt. I was like WHAT?? I opened that email and it was not anyone I knew (donor). I then opened my Paypal and my latest transactions had no such record. That was the only fake email I've opened (no link in the email itself...it was all text). Hope I didn't get malware from it.

But, yeah, these are actually kind of "decent" fakes. They make you curious. I was dumb to open the Paypal fake email, but thankfully I've resisted all others thus far.
 
  • #7
It is called "spear pfishing" It uses your personal information, such as the names of coworkers, or your wife's favorite item, or what your recent purchases were, to seed phony emails to make them appear real to you.

That is one of the reasons why you should try to protect your information online or on your devices. Random true facts about you can be used as a weapon against you. Protecting yourself becomes more difficult every year.
 
  • Like
Likes Klystron and hutchphd
  • #8
anorlunda said:
It uses your personal information, such as the names of coworkers, or your wife's favorite item, or what your recent purchases were, to seed phony emails to make them appear real to you.
I don't think that what @kyphysics got is that sophisticated. I know that I never got something like that. The e-mails usually do not contain any specific information.
 
  • #9
Just look at the email address the sender is using. If its hotmail instead of .anz.co.nz (for example - a bank website), then delete it.
 
  • #10
The sending address is extremely easily faked, I can knock up an e-mail to appear to come from any address I like in about 30 seconds...by all means check it but don't rely on it.
 
  • Like
Likes DrClaude
  • #11
MikeeMiracle said:
The sending address is extremely easily faked, I can knock up an e-mail to appear to come from any address I like in about 30 seconds...by all means check it but don't rely on it.
Yes. That's why I said that one should check the headers to see where the mail really came from.
 
  • #12
Checking message headers is a better method but you do need some tech knowledge to decipher them. If your not an IT Tech the message headers are just gibberish.
 
  • #13
kyphysics said:
Anyone get such "deep fake" emails? If so, how common have you found it to be?
Once I got one such email to company mail with company profile matching, referenced to existing people with matching profession and many details.

It could have been a valid RFQ, but the return address was soooooo fake that it was discarded without much bother.
 
  • #14
Before opening email, it's best to disconnect your computer from the internet to keep scammers from knowing that you have opened their messages. Otherwise they can deduce the type of message titles that attract your attention. ( Only setting the computer not to open images in emails isn't sufficient. And I don't know if Thunderbird email's option to "block remote content" is sufficient.)

For example, from https://en.wikipedia.org/wiki/Web_beacon

However, since beacons can be embedded in email as non-pictorial elements, the email need not contain an image or advertisement or anything else related to the identity of the monitoring party. This makes detection of such emails difficult.[7]
 
  • #15
Dumb Question:
How do you see the sender address w/o opening the email? I get you can see the sender "title," but that's not the same as their email address.

edited to add: For example, I might see something is sent from "Charles Lawn Care" and see the email title as "Receipt of service." But, unless I open the email in my Gmail account, how can I see the way the sender's email is written?
 
  • #16
If your looking at e-mail through a web page like the gmail website its unlikely you will get infected as your just being sent web page data. It's really a main problem if you have a dedicated e-mail client like Outlook and actually download e-mail onto your PC before opening it.
 
  • #17
I get emails like this from time to time on my work laptop. They come from our IT group as a test to see if we are smart enough to forward the email on to the "suspicious emails" folder. If we do we get a congrats and if we open the email and click its links we get a scolding.
 
  • Haha
Likes anorlunda
  • #18
That's pretty standard these days, companies testing their employees for alertness. I have been in a company where if you misclick the test e-mails 3 times you get sacked.
 
  • #19
MikeeMiracle said:
if you misclick the test e-mails 3 times you get sacked
wow that's pretty severe. on the other hand, an employee that doesn't get it and continues clicking away like that is probably screwing around or making mistakes in other areas.
 
  • #20
Well, in my case I was working somewhere sensitive that required national security clearence. Severe...yes...but necesary in that environment.
 
  • #21
I've been getting a lot of scammer PayPal emails lately. If the sender's email seems flaky, I mark them as junk.
 
  • #22
kyphysics said:
So...over the last year or so, I've gotten emails that seemed legitimate, but that had something odd/suspicious about them and caused me not to open them. For example, I've gotten an email with "INVOICE" as the sender and then a receipt number in the title.

Another example is getting an email from a known company I've done business with, but having the email come out of the blue and have a weird title (it mentioned a renewal certificate). I actually called that company and they said they wouldn't have sent that and have never heard of the person whose name was listed as the sender.

I get 1000's of them a year purporting to be from companies I do and don't deal with
Banks, Internet Providers, The classic PAYPAL one that @DrClaude displayed

Phishing emails have been around for years and years. Their "quality" are getting better
as their replication of the invoice etc page gets more and more like an original and even with a reasonable glance
it is difficult to tell them apart.
kyphysics said:
Dumb Question:
How do you see the sender address w/o opening the email? I get you can see the sender "title," but that's not the same as their email address.
That's easy ( well maybe depending on your email client) my very, very old one Eudora shows the addy in the status bar at the bottom of the screen when I move the mouse over the "reply" "click here to update info" etc words Dave
 
  • #23
kyphysics said:
I guess my question is how on Earth would someone know to send such an email from someone I'd done business with in the past? Anyone get such "deep fake" emails? If so, how common have you found it to be?
Again very easy ... these phishing people are continuously scanning the net picking up your and the business email addy's
then altering them and sending you the fake emails
 
  • #24
here's a typical example
purporting to be from Woolworths ( a major Australian supermarket chain)

Note: when I hover the mouse over any of the parts in the email look at the addy in the lower left corner
it has nothing to do with a link to Woolworths
Sometimes the company name will appear in the addy, but rarely will it be early on, before the first "/"
Clipboard12.jpg
 
  • #25
davenn said:
here's a typical example
purporting to be from Woolworths ( a major Australian supermarket chain)
Obviously a different Woolworths than the five and dime that used to exist in the US.
 
  • Like
Likes davenn
  • #26
My regular personal account gets the usual spam &c, but recently at work (which has a necessarily very secure enterprise level email and contact administration system) we have been experiencing an epidemic of some fairly well constructed fakes. These have included a somewhat realistic notice supposedly (but not really) from our email administrator whitch itself contained a warning about fake emails - along with a blind link, as well as somewhat authentic looking (but not if you looked it over carefully) email supposedly from a work related regulatory body... Regulatory body letters have the ability to kind of freak out the recipients when we receive them, even if they are fairly innocuous (and if you work in a regulated industry, you know what I mean), and while I am never likely to click on a blind link, it is the kind of thing that can catch one off guard. I had to call up a colleague to insure and confirm that he had not clicked the link (he had not). Home office has even sent out a series of warnings which themselves left me momentarily suspicious, until I looked them over... they had no links in any case, but I can see how some people might have been caught off guard.

Cause for concern and increased vigilance.

--diogenesNY
 
  • #27
ANYONE I THE ONLY ONE GETTING SPAMMED ELECTION EMAILS?

So, I donated to a political campaign in the U.S. primaries. Since then, I've gotten 10 trillion or so emails from candidates I DID NOT donate too, but who are of the same party.

One email early on said they got my email from the original campaign I donated to and wanted to ask for my help. ...Uhhhhhhhhhhh, I did not consent. Now, it's been never-ending emails from a ton of people asking for help. As soon as I unsubscribe from one, another new email address sender gets through.

*sorry for the vent*
 
  • #28
kyphysics said:
ANYONE I THE ONLY ONE GETTING SPAMMED ELECTION EMAILS?

So, I donated to a political campaign in the U.S. primaries. Since then, I've gotten 10 trillion or so emails from candidates I DID NOT donate too, but who are of the same party.

One email early on said they got my email from the original campaign I donated to and wanted to ask for my help. ...Uhhhhhhhhhhh, I did not consent. Now, it's been never-ending emails from a ton of people asking for help. As soon as I unsubscribe from one, another new email address sender gets through.

*sorry for the vent*
My wife has the same problem with texts on her phone. She gets a political text message, blocks the number, gets another text, blocks that number...
 
  • #29
For those in the US, the FCC (Federal Communications Commission) is the one that enforces the law about unsolicited [edit] commercial [/edit] calls to cell phones.

If I recall correctly, the penalty is $1000 per call made. Made kind'a expensive because the cell phone user is charged for their connect time.
 
Last edited:
  • #30
Janus said:
My wife has the same problem with texts on her phone. She gets a political text message, blocks the number, gets another text, blocks that number...
Hopefully this changes post-election...even if just seeing a decrease in spam volume. I have a feeling I'll still get some emails every now and then until mid-terms (when it might ramp up again).

Very annoying!
 
  • #31
kyphysics said:
I'm not sure how to word this, so please forgive the title of the thread if it's not the best description.

So...over the last year or so, I've gotten emails that seemed legitimate, but that had something odd/suspicious about them and caused me not to open them. For example, I've gotten an email with "INVOICE" as the sender and then a receipt number in the title.

Another example is getting an email from a known company I've done business with, but having the email come out of the blue and have a weird title (it mentioned a renewal certificate). I actually called that company and they said they wouldn't have sent that and have never heard of the person whose name was listed as the sender.

I change my email passwords regularly, so I doubt someone has hacked my email account and is trying to send me fakes with the intention of getting me to open up some attachment that sends crazy malware or something like that. But, I just find these clever and disturbing. I was close to opening this one described above, but my gut sensed something was wrong. I called and am glad they said it wasn't them who sent it.

I guess my question is how on Earth would someone know to send such an email from someone I'd done business with in the past? Anyone get such "deep fake" emails? If so, how common have you found it to be?

It's so common these days. Hope the scam filter would be more sophisticated.
 
  • #32
While a bit off the topic of scam e-mails, I just recently got, after not getting any for a long time, a scam phone call. I'm not sure exactly which one it was, because the recorded message started part way in, and I didn't wait to hear it repeat.
From what I did hear, I'm guessing it might have been either the IRS or Social Security scam.
Ironically, I have just recently been watching some you-tubes of scam-baiting.
 
  • #33
For sure, your post suggests that your place of employment needs to have training that deals with phishing attempts. This is a standard.
 
  • #34
BE CAREFUL PEOPLE - Happened again today!

Got an email from my doctor's office. I never requested it and it looked suspicious, as the email address was weird and nothing like the doctor's office. I called. They said they have no record of sending me such an email and don't recognize the address.
 
  • #35
Janus said:
While a bit off the topic of scam e-mails, I just recently got, after not getting any for a long time, a scam phone call. I'm not sure exactly which one it was, because the recorded message started part way in, and I didn't wait to hear it repeat.
From what I did hear, I'm guessing it might have been either the IRS or Social Security scam.
Ironically, I have just recently been watching some you-tubes of scam-baiting.
The IRS scam calls are so annoying. I've gotten...100?? or so over the past 2 years. :smile:

I can't remember if it was the IRS one or another obvious scam call, but one time I picked up the phone and said nothing JUST TO HEAR what they other party would say. Silence. Then the phone hung up (by them).

I never heard from that scam call program again. ...Haven't gotten the IRS one recently, so not sure if it was that one or not.
 

Similar threads

Replies
32
Views
4K
Replies
1
Views
971
Replies
9
Views
2K
Replies
10
Views
1K
Replies
15
Views
1K
Replies
9
Views
2K
Replies
6
Views
1K
Back
Top