How to Stay Safe from Email Scammers


From time to time I receive emails telling me that my original message couldn’t be delivered. There are various reasons for receiving such an email. In most cases it is because the recipient’s mailbox was full or there was a typo in the recipient’s email address. But sometimes the reason gets a bit more dramatic.

Sending a Fake Message

Sending out an email is a trivial task. However, it is an equally trivial task to send out a fake email in which a third party uses your email address to send out their scam messages — this is called spoofing.

To try this out, all you need to do is install a WordPress plugin called Contact Form 7. After you add the plugin to your WordPress installation, simply make the following settings at WordPress Dashboard > Contact > Add New:

Contact form scam settings

Contact form scam settings

Remember to pair up things in the Form and Mail sections — the Recipient with the To shortcode, the Sender with the From shortcode, etc.

When you are done, click Save. Contact Form 7 will create a shortcode for the whole contact form you have just created. It will look something like this:

Copy the shortcode for your contact form and paste it into a page on your website.

The result will be very similar to this:


Contact form scam page

As you can see, I am able to enter whatever email address I wish to the Sender text-box.

And once I click Send, the message will arrive into the recipient’s inbox as if it was sent by Mr. Gates.

Scam message

Scam message

Scam Tactics

As you can see, taking up someone’s identity via email is ridiculously easy.

Obviously, professional scammers will try their best to make you click on a link in their scam messages.

They will be posing as representatives of a social media site, bank, the department of justice, or some other serious institution. And they will most often use scare tactics, claiming that your account was hacked or that you need to fill out a form to avoid being sued or something else of the kind.

They want you to click on a link because that link will ultimately lead you to their target destination, where they will try to steal your identification information, banking information, or upload malware to your computer in order to make you pay ransom.

The ultimate goal of scammers is almost always theft and money. The sad reality is that these tactics, also called phishing, actually do work — given that they are used on a large enough population of email users.

Analyzing Email Messages

To find out whether an email is really coming from the person who is presented in the Sender field or whether it is a scam message, we need to check the source of the message.

A few days ago, I received a response message sent to me because of a failed delivery attempt:

Obviously, I didn’t send the message in the first place. So I decided to look under the hood of this email.

To analyze an email in Mozilla Thunderbird, click on the Other Actions button located in the upper right corner of the message’s window. Then select View Source from the drop-down menu.

Look for a line beginning with in the source of the email message.

This is what came up in my case:

I also identified the hosting company via which the scam originated:

The message body contained a link claiming to take me to a great porn video. Well…

Results of the Analysis

So this is what happened or at least this is what the data I collected points to.

A Russian or Ukrainian scammer was sending out spam using my email address as the return address. He used an Ukrainian winery’s hacked web site as the send-out platform. He inserted a link into the message that seemed to lead to a German orthodontist’s website. Clearly, the poor orthodontist’s website was also hacked because the latter part of the URL was gibberish. So the scammer’s target destination was somewhere else and only those who clicked at the fake porn link got redirected there. I can only guess what awaited them there instead of a porn video — some malicious code ready to be uploaded to their computers, a fake form for their identification data, or something else but equally bad.

Rules of Staying Safe

The above paragraph shows why it is crucial not to get your website hacked.

It also shows that it is good and necessary to use spam filters in your email programs.

It also shows that the best way to avoid getting scammed is to be extremely cautious and responsible when opening email messages.

Here are a few rules that should shield you from most scammers:

  • run up-to-date antimalware software on your computer that is continually looking for threats
  • use anti-spam add-ons, plugins, extensions, or other similar measures in your email programs
  • when an email seems fishy, don’t click on any links in it
  • when an email seems out of order, don’t download any attachments from it
  • whenever in doubt, check the email’s source to see where it originated and where would the links lead you
  • if the links seem suspicious, use Google or the Internet Archive to check up on the target website
  • if the link is clearly gibberish, you can bet that it will redirect you to a different website that is controlled directly by the scammers, such as a fake banking website

Sooner or later everyone receives a scam email message. Better be prepared for it.

Liked this post?

Subscribe to our newsletter to receive early notification of new posts and deals:
[mc4wp_form id=”45″]

Next Post »« Previous Post