Anyone Getting "Realistic" Fake Emails?

  • Thread starter: kyphysics
Phishing emails have become increasingly sophisticated, often mimicking legitimate communications from companies individuals have previously interacted with. These emails may include suspicious titles or content that prompts users to question their authenticity. It is common for scammers to utilize personal information gleaned from data breaches to craft convincing messages, a tactic known as spear phishing. Best practices for avoiding these scams include verifying the sender's email address, checking for personalization, and refraining from clicking on links. Many legitimate companies now direct users to their websites instead of including clickable links in emails to enhance security. Users are advised to examine email headers to trace the true origin of messages and to avoid opening emails from unknown sources. Regularly updating passwords and being cautious with personal information can help mitigate risks. Additionally, some users report receiving unsolicited political emails after donations, highlighting the pervasive nature of email spam. Overall, vigilance and skepticism are essential in navigating the current landscape of email communications.
  • #31
kyphysics said:
I'm not sure how to word this, so please forgive the title of the thread if it's not the best description.

So...over the last year or so, I've gotten emails that seemed legitimate, but that had something odd/suspicious about them and caused me not to open them. For example, I've gotten an email with "INVOICE" as the sender and then a receipt number in the title.

Another example is getting an email from a known company I've done business with, but having the email come out of the blue and have a weird title (it mentioned a renewal certificate). I actually called that company and they said they wouldn't have sent that and have never heard of the person whose name was listed as the sender.

I change my email passwords regularly, so I doubt someone has hacked my email account and is trying to send me fakes with the intention of getting me to open up some attachment that sends crazy malware or something like that. But, I just find these clever and disturbing. I was close to opening this one described above, but my gut sensed something was wrong. I called and am glad they said it wasn't them who sent it.

I guess my question is how on Earth would someone know to send such an email from someone I'd done business with in the past? Anyone get such "deep fake" emails? If so, how common have you found it to be?

It's so common these days. Hope the scam filter would be more sophisticated.
 
  • #32
While a bit off the topic of scam e-mails, I just recently got, after not getting any for a long time, a scam phone call. I'm not sure exactly which one it was, because the recorded message started part way in, and I didn't wait to hear it repeat.
From what I did hear, I'm guessing it might have been either the IRS or Social Security scam.
Ironically, I have just recently been watching some you-tubes of scam-baiting.
 
  • #33
For sure, your post suggests that your place of employment needs to have training that deals with phishing attempts. This is a standard.
 
  • #34
BE CAREFUL PEOPLE - Happened again today!

Got an email from my doctor's office. I never requested it and it looked suspicious, as the email address was weird and nothing like the doctor's office. I called. They said they have no record of sending me such an email and don't recognize the address.
 
  • #35
Janus said:
While a bit off the topic of scam e-mails, I just recently got, after not getting any for a long time, a scam phone call. I'm not sure exactly which one it was, because the recorded message started part way in, and I didn't wait to hear it repeat.
From what I did hear, I'm guessing it might have been either the IRS or Social Security scam.
Ironically, I have just recently been watching some you-tubes of scam-baiting.
The IRS scam calls are so annoying. I've gotten...100?? or so over the past 2 years. :smile:

I can't remember if it was the IRS one or another obvious scam call, but one time I picked up the phone and said nothing JUST TO HEAR what the other party would say. Silence. Then the phone hung up (by them).

I never heard from that scam call program again. ...Haven't gotten the IRS one recently, so not sure if it was that one or not.
 
  • #36
kyphysics said:
The IRS scam calls are so annoying. I've gotten...100?? or so over the past 2 years. :smile:

I can't remember if it was the IRS one or another obvious scam call, but one time I picked up the phone and said nothing JUST TO HEAR what the other party would say. Silence. Then the phone hung up (by them).

I never heard from that scam call program again. ...Haven't gotten the IRS one recently, so not sure if it was that one or not.
A few years ago we kept getting calls on the home phone. The machine would pick up and they would hang up. This went on for a number of days, multiple times a day. I finally picked up, and it was the tech-support scam. The one where they tell you that it has been reported to them that your computer has been compromised.
I told them that I knew that this was a scam*, and to stop calling. Even after my informing them of that, the guy on the other end tried to tell me "Sir, this is a very important matter".
I responded, "No, it isn't. Stop calling", and hung up.
The phone rang shortly after, the machine picked up, and they hung up again. The phone never rang after that.
I guess it sunk in that since I let the machine answer right after they had talked to me, I wasn't going to pick up again.
What gets me, is that even though I called them out as being a scam, they still thought they could convince me otherwise. I've seen this same pattern with some of the scam-baiting calls. The scam-baiter will fess up, tell them they knew it was a scam from the beginning and even go over step by step the lies told by the scammer.
Yet, the scammer will still try and insist that he is a certified technician working for some real tech-support company.

*I think I also added something along the lines of not having been born yesterday.
 
  • #37
kyphysics said:
BE CAREFUL PEOPLE - Happened again today!
It's been going on for years. It's hardly a new phenomenon. This is why they should teach basic computer skills in school -- mandatory.
 
  • #38
I think it is time to make spam emails more expensive for the sender.

Imagine what would happen if some organisation with the size and reach of Paypal set up an email system where, to send an email cost the sender a token 5 cents from the sender's account, and passed it to the receiver's account.

The receiver can acknowledge the email was useful, and return the 5 cents to the sender. Not returning the 5 cents would be the equivalent of unsubscribing. A subscription for one email per week would transfer 52 * $0.05 = $2.60 PA.

That is today's equivalent of a postage stamp, but the stamp is never canceled and can be reused or returned.
Spamming and scamming by email would end on that day.
It would also corner the email market.
 
  • #40
Baluncore said:
I think it is time to make spam emails more expensive for the sender.

Imagine what would happen if some organisation with the size and reach of Paypal set up an email system where, to send an email cost the sender a token 5 cents from the sender's account, and passed it to the receiver's account.

The receiver can acknowledge the email was useful, and return the 5 cents to the sender. Not returning the 5 cents would be the equivalent of unsubscribing. A subscription for one email per week would transfer 52 * $0.05 = $2.60 PA.

That is today's equivalent of a postage stamp, but the stamp is never canceled and can be reused or returned.
Spamming and scamming by email would end on that day.
It would also corner the email market.
I doubt 5 cents per e-mail would make much of a dent. For example, let's say that for every 1000 e-mails sent out, they get one bite. That would cost them just $50.00. But a single successful scam can net them 100's or even 1000's of dollars.
 
  • #41
Baluncore said:
I think it is time to make spam emails more expensive for the sender.
As far as I know most of these things come through botnets (malware infected computers of unsuspecting people).
Hard to catch the real sender.
 
  • #42
kyphysics said:
One email early on said they got my email from the original campaign I donated to and wanted to ask for my help. ...Uhhhhhhhhhhh, I did not consent.

Is there any amount of email that they could send you that would cause you to vote for the other guy? If, as I expect, the answer is "no", they have no incentive to stop.
 
  • #43
You can't charge for sending e-mails, who would you charge? There is no centralised point that all e-mails flow through in order for you to do such a thing, the internet was not designed that way. Data is sent from the sending servers directly to the receiving browser / server by the shortest path in the network.

Setting up an e-mail server / relay is child's play for any tech, these scammers are not sending out e-mail using gmail or Outlook.com. Anyone with their own e-mail server can send e-mail to anyone and make it appear as if it came from anyone.
 
  • #44
MikeeMiracle said:
You can't charge for sending e-mails, who would you charge?
ISP's? Gmail, for businesses?
 
  • #45
An ISP could charge for sending e-mail out using its own e-mail servers I suppose, but my point was that these scammers are not using their ISP e-mail service and certainly not gmail, they are using their own e-mail servers.

It's all to do with how information flows around the internet at a very low level. Don't forget the internet is a global phenomenon, not like a telephone system where one country/company controls all the access points so anything you plan to do needs to be done globally by everyone who controls access to the internet.

Without analysing every tiny bit of information that flows from any computer in the world onto the main internet by any ISP in the world, this is not something you can stop. Any ISP who does not play ball or can't afford to implement expensive data analytics on every bit of data passing through them will be ripe for the scammers to use. Any encryption of the e-mail traffic will also likely make any protection redundant.

You're talking about a global effort along the lines of China's internet filtering system in every country to even contemplate this and even then there are ways past China's internet blocking.

If it was easy to "control the internet" we would not have criminal activity online :)
 
  • #46
Email services could ask for money to accept emails ("pay or we won't show your email to our customer"), but that would be impractical for legitimate email sources.
It's easy to avoid fake mails. Avoiding them while still getting the real mails is the challenge.
 
  • #47
These are actually kind of "decent" fakes. They make you curious. I was dumb to open the Paypal fake email, but thankfully I've resisted all others thus far.
 
  • #48
CharlieMauro said:
These are actually kind of "decent" fakes. They make you curious. I was dumb to open the Paypal fake email, but thankfully I've resisted all others thus far.
Yeah, one thing I've learned is to call the company in question. That's saved me from opening a few VERY realistic ones.

Something else I wonder about is whether someone ELSE's account that I know is hacked (not mine). I am pretty religious about security (notwithstanding opening these dumb fakes). But, I have older aunts, uncles, etc. who are not tech savvy and just use the internet for the sole purpose of communicating with us young "kids/grandkids." I KNOW they constantly click on ads and pop-ups. I've watched them surf the net and cautioned them on this stuff before. You can tell them to run this security check up or do this or that all you want. Often they forget (or don't want to do it) or don't remember how...so they could be compromised, which is leading to possibly me getting compromised. The thing about that is I can't/won't stop communicating online with my older relatives. You love them and you'll still open their emails of course. Everyone does.

So, yeah, that's kind of an ongoing potential loop-hole into my own accounts. I'd say those over 68-ish tend to be that way. Early 60's people that I know are actually pretty tech knowledgeable on the whole from my personal experience (which is nothing more than that - a small sample size).
 
  • #49
Baluncore said:
I think it is time to make spam emails more expensive for the sender.

Imagine what would happen if some organisation with the size and reach of Paypal set up an email system where, to send an email cost the sender a token 5 cents from the sender's account, and passed it to the receiver's account.

The receiver can acknowledge the email was useful, and return the 5 cents to the sender. Not returning the 5 cents would be the equivalent of unsubscribing. A subscription for one email per week would transfer 52 * $0.05 = $2.60 PA.

That is today's equivalent of a postage stamp, but the stamp is never canceled and can be reused or returned.
Spamming and scamming by email would end on that day.
It would also corner the email market.
And roll back communications for every voluntary organisation 20 years, whilst leaving people looking to make money out of you the only people able to afford mass communication. Unfortunately the cure is worse than the problem.
 
  • #50
kyphysics said:
Yeah, one thing I've learned is to call the company in question. That's saved me from opening a few VERY realistic ones.

Something else I wonder about is whether someone ELSE's account that I know is hacked (not mine). I am pretty religious about security (notwithstanding opening these dumb fakes). But, I have older aunts, uncles, etc. who are not tech savvy and just use the internet for the sole purpose of communicating with us young "kids/grandkids." I KNOW they constantly click on ads and pop-ups. I've watched them surf the net and cautioned them on this stuff before. You can tell them to run this security check up or do this or that all you want. Often they forget (or don't want to do it) or don't remember how...so they could be compromised, which is leading to possibly me getting compromised. The thing about that is I can't/won't stop communicating online with my older relatives. You love them and you'll still open their emails of course. Everyone does.

So, yeah, that's kind of an ongoing potential loop-hole into my own accounts. I'd say those over 68-ish tend to be that way. Early 60's people that I know are actually pretty tech knowledgeable on the whole from my personal experience (which is nothing more than that - a small sample size).
a global effort along the lines of China's internet filtering system in every country to even contemplate this and even then there are ways past China's internet blocking.
 
  • #51
info@finance.comms.yahoo.net

Got an email with the above address. I opened it without looking at the address first as it was a Yahoo! themed email. It was offering for me to join some webinar. Then, I saw the email above. . .

I got to say, the email's contents look VERY legitimate. I have no idea if it's real or fake, but "yahoo.net" looked fishy to me. Any guesses as to authenticity? Stuff like this seems like it'd be hard to distinguish the real ones from fakes. There was even the typical "unsubscribe" link at the bottom. I didn't click in case it was a fake leading me to some malware.
 
  • #52
Go to https://hexillion.com/ and enter YAHOO.NET in the search box.
They are in the state of Virginia and owned by Oath Holdings Inc. in New York. Street addresses and phone numbers are also listed.

From that info you can check things like the BBB, and the corporate listings and court cases on the government sites in the two states.

Have Fun! and let us know what you find.
Tom
 
  • Like
Likes kyphysics
  • #53
It appears that yahoo.com has the same owners. They are likely a holding company to protect the privacy of the owning corporation while at the same time managing the domain to prevent squatters should the domain name lapse.

Physicsforums.com has a separate company called Perfect Privacy LLC and not Greg's address.
 
  • Like
Likes kyphysics
  • #54
You need to appreciate how computers read the domain names to help understand if something is legitimate or not, namely backwards. The last part of the domain is all important.

There are what is called "root" domain name servers, they hold the records for all the "root" domains. For example .com .net .gov . Every computer comes with a record of these "root" servers.

Let's take www.microsoft.com

Your computer will first contact a "root" name server and ask for a query of the .com domain. It will ask who "owns" microsoft.com. The root server will respond with another name server who is responsible for the microsoft.com domain.

Your computer will then contact the name server responsible for the microsoft.com domain and ask who owns the "www" part. If that name server owns the www part it will respond with an IP for www.microsoft.com. If there are more bits to the address before the "www" part the name server will respond with another name server who can resolve the next bit.

So taking the example above "finance.comms.yahoo.net" first we resolve the ".net" section and then the ".yahoo" section. The query for "comms.yahoo.net" gets resolved by the "yahoo.net" name server. Later the "finance.comms.yahoo.net" section is resolved by the name server specified by the "comms.yahoo.net" name server.

The point is that yahoo.net is owned by the legitimate Yahoo company and that's the last part of the address. It's when the name we recognise is at the start of the address that we should look further.

If the address was "yahoo.net.finance.comms", initially it seems legitimate, but from what I have told you this resolution's 2nd step is to the "finance.comms" server. That "finance.comms" name server can create anything it likes past this section to fool you as it controls what happens after that point.

I hope this helps clarify what to look out for in addresses. This is true for ALL internet addresses: e-mail, web pages and anything else with an address.
 
  • Like
Likes kyphysics
  • #55
MikeeMiracle said:
You need to appreciate how computers read the domain names to help understand if something is legitimate or not, namely backwards. The last part of the domain is all important.

There are what is called "root" domain name servers, they hold the records for all the "root" domains. For example .com .net .gov . Every computer comes with a record of these "root" servers.

Let's take www.microsoft.com

Your computer will first contact a "root" name server and ask for a query of the .com domain. It will ask who "owns" microsoft.com. The root server will respond with another name server who is responsible for the microsoft.com domain.

Your computer will then contact the name server responsible for the microsoft.com domain and ask who owns the "www" part. If that name server owns the www part it will respond with an IP for www.microsoft.com. If there are more bits to the address before the "www" part the name server will respond with another name server who can resolve the next bit.

So taking the example above "finance.comms.yahoo.net" first we resolve the ".net" section and then the ".yahoo" section. The query for "comms.yahoo.net" gets resolved by the "yahoo.net" name server. Later the "finance.comms.yahoo.net" section is resolved by the name server specified by the "comms.yahoo.net" name server.

The point is that yahoo.net is owned by the legitimate Yahoo company and that's the last part of the address. It's when the name we recognise is at the start of the address that we should look further.

If the address was "yahoo.net.finance.comms", initially it seems legitimate, but from what I have told you this resolution's 2nd step is to the "finance.comms" server. That "finance.comms" name server can create anything it likes past this section to fool you as it controls what happens after that point.

I hope this helps clarify what to look out for in addresses. This is true for ALL internet addresses: e-mail, web pages and anything else with an address.
This was confusing, yet informative at the same time. :)

Thanks for the in-depth explanation to a clueless person on this topic!

For whatever reason, I always assumed the "end" of an address that's different from the usual was a big sign of fakery.

For example, IRS.com ...I mean, come on! We know the real IRS is IRS.gov. But with non-governmental sites, I wasn't aware it could still be legit.

I'd usually assume Google.net would be a fake, for example. Interesting stuff.
 
  • #56
Big companies will try to get as many of these domains as they can get. It makes it harder for others to create legitimately-looking websites. That goes beyond just using different top level domains. They will often register various misspellings, too.
 
  • Like
Likes kyphysics and anorlunda
  • #57
I got hundreds of emails like this on a daily basis. First you should check the sender email id, and check the domain associated with it. Never open any link in the first place; first ensure that the email is genuine, and if there is any doubt then you should probably ignore the email.
 
  • #58
Here are a few more things you can consider:

No legitimate organisation will send emails from an address that ends ‘@gmail.com’.
The domain name associated with the email is misspelt
The email is not well written
Email contains suspicious attachments or links
Suspicious links
Big offering in the email
 
  • Like
Likes Astronuc
  • #59
MikeeMiracle said:
...

So taking the example above "finance.comms.yahoo.net" first we resolve the ".net" section and then the ".yahoo" section. The query for "comms.yahoo.net" gets resolved by the "yahoo.net" name server. Later the "finance.comms.yahoo.net" section is resolved by the name server specified by the "comms.yahoo.net" name server.

The point is that yahoo.net is owned by the legitimate Yahoo company and that's the last part of the address. It's when the name we recognise is at the start of the address that we should look further.

If the address was "yahoo.net.finance.comms", initially it seems legitimate, but from what I have told you this resolution's 2nd step is to the "finance.comms" server. That "finance.comms" name server can create anything it likes past this section to fool you as it controls what happens after that point.

I hope this helps clarify what to look out for in addresses. This is true for ALL internet addresses: e-mail, web pages and anything else with an address.
Here is another email I accidentally clicked on today (I wanted to select the box to try to delete it, but my mouse accidentally clicked on it to open):
yahoo@sports.comms.yahoo.net

Two questions:
1.) Would I be correct to assume it is legitimate, because of the "yahoo.net" ending? For reference, I play fantasy sports, so this was an email advertising some fantasy sports stuff on Yahoo. But even without that background, is the logic that if it's a "yahoo.net" ending, then it's ALWAYS legitimate (no matter what comes before that part of the address)?

2.) My second question is whether someone can send you an email with a "fake legitimate email" as the sender's email? Let's say abcxyz@yahoo.net is a legitimate email address from Yahoo! But, suppose a scammer wants to send me some type of malware through email. Can that evil person use abcxyz@yahoo.net as his sending email address (even if he's not really sending it from that address)? Can someone, in other words, fake the sending email address (of a legitimate one)?
 
  • #60
kyphysics said:
Here is another email I accidentally clicked on today (I wanted to select the box to try to delete it, but my mouse accidentally clicked on it to open):
yahoo@sports.comms.yahoo.net
Clicking on a link that opens your email application is a completely different thing to clicking a link that opens a web page, however clicking links you don't trust is still not a good thing.

kyphysics said:
1.) Would I be correct to assume it is legitimate, because of the "yahoo.net" ending? For reference, I play fantasy sports, so this was an email advertising some fantasy sports stuff on Yahoo. But even without that background, is the logic that if it's a "yahoo.net" ending, then it's ALWAYS legitimate (no matter what comes before that part of the address)?
Well Yahoo do own the 2nd level domain yahoo.net, although the sports.comms.yahoo.net domain as well as comms.yahoo.net is controlled by a marketing company Lion Re:sources, part of the Publicis Groupe. However because of the point below you cannot rely on the email actually coming from them.

kyphysics said:
2.) My second question is whether someone can send you an email with a "fake legitimate email" as the sender's email? Let's say abcxyz@yahoo.net is a legitimate email address from Yahoo! But, suppose a scammer wants to send me some type of malware through email. Can that evil person use abcxyz@yahoo.net as his sending email address (even if he's not really sending it from that address)? Can someone, in other words, fake the sending email address (of a legitimate one)?
Yes. Depending on your email client and spam settings and any anti-malware plugins you are using such a faked address may or may not be marked as spam.
 
  • Informative
Likes kyphysics
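
Editor's added example (not part of any post in this thread): a Python check that combines the two points made in posts #54 and #60, reading the sender's domain right to left and refusing to trust the From address unless the receiving server recorded a DMARC pass. The three messages, the server name mx.recipient.example and the short suffix set are constructed for illustration; a real check would load the full Public Suffix List.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed stand-in for the Public Suffix List (assumption, far from complete).
PUBLIC_SUFFIXES = {"com", "net", "org", "gov", "co.uk"}


def registrable_domain(host):
    """Read the name right to left: longest public suffix plus one more label."""
    labels = host.lower().strip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:]) if i else None
    # Unknown suffix: fall back to the last two labels (simplification).
    return ".".join(labels[-2:]) if len(labels) >= 2 else None


def trusted_results(msg, authserv_id):
    """Return {method: result} from Authentication-Results headers written by
    our own receiving server. Headers naming any other server are ignored,
    because the sender can place those in the message."""
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        server, _, rest = str(header).partition(";")
        if server.strip().lower() != authserv_id:
            continue
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest):
            results.setdefault(method, result)
    return results


def assess(raw, expected_domain, authserv_id):
    """List the reasons not to believe that `raw` comes from `expected_domain`."""
    msg = email.message_from_string(raw, policy=policy.default)
    address = parseaddr(str(msg["From"]))[1]
    findings = []
    if registrable_domain(address.rpartition("@")[2]) != expected_domain:
        findings.append("from-domain-mismatch")
    results = trusted_results(msg, authserv_id)
    if not results:
        findings.append("no-trusted-auth-results")
    elif results.get("dmarc") != "pass":
        findings.append("dmarc-not-pass")
    return findings


# Constructed sample messages; mx.recipient.example stands for the reader's own server.
GENUINE = (
    "Authentication-Results: mx.recipient.example; spf=pass "
    "smtp.mailfrom=bounce.comms.yahoo.net; dkim=pass header.d=comms.yahoo.net; "
    "dmarc=pass header.from=sports.comms.yahoo.net\n"
    "From: Yahoo Sports <yahoo@sports.comms.yahoo.net>\n"
    "Subject: Fantasy update\n\nbody\n"
)
SPOOFED = (  # exact legitimate-looking address, but our server saw DMARC fail
    "Authentication-Results: mx.sender.invalid; dmarc=pass header.from=yahoo.net\n"
    "Authentication-Results: mx.recipient.example; spf=fail "
    "smtp.mailfrom=mailer.invalid; dkim=none; dmarc=fail header.from=yahoo.net\n"
    "From: abcxyz@yahoo.net\n"
    "Subject: Invoice\n\nbody\n"
)
LOOKALIKE = (  # passes authentication, but for a domain that is not yahoo.net
    "Authentication-Results: mx.recipient.example; spf=pass "
    "smtp.mailfrom=finance.comms; dkim=pass header.d=finance.comms; "
    "dmarc=pass header.from=yahoo.net.finance.comms\n"
    "From: Yahoo Finance <info@yahoo.net.finance.comms>\n"
    "Subject: Webinar\n\nbody\n"
)

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED), ("lookalike", LOOKALIKE)):
        print(name, assess(raw, "yahoo.net", "mx.recipient.example"))
```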
