Email from the Dark Side

This is presented for entertainment purposes only.

* Nothing in this post should be construed as legal advice. *

A Suggestion

Review this scenario with your older, technophobic and more trusting relatives, co-workers and friends. Discuss with them how to protect themselves from criminals online.

Setting the Scene

I recently had a client describe getting several product and service subscription renewal notices via email. These were for products that they didn’t use, and I suspect they may have wondered if someone had used their credit card to subscribe to these services.

person reading email on their phone

NOTE: If you are worried about someone else using your credit cards I was taught that you ALWAYS contact your bank or credit card’s fraud protection service via the phone number on the back of the actual credit card, or from the phone number found on one of your bank statements. Definitely do not call a phone number received in a sketchy email.

In this case my client received numerous emails claiming several different legit sounding tech subscriptions were being renewed. All of the emails came in the same day which created a sense of urgency.

The messages also said that the $$$ charges would become irreversible in 24 hours, again adding to a sense of urgency.

Each email gave a different phone number to call to cancel the renewal. Seemingly an easy and trusted method to fix the problem, right? Not using the same phone number, there are no unknown hyperlinks to click on – what could go wrong?

What’s going on Here

The basic idea is to scare you into thinking that you have been subscribed to what sounds like a legit product. You know you didn’t subscribe to that product, and even if you did use that product, the price will seem way too high.

It’s supposed to trigger your “protect my wallet” instinct – without activating your internal “this is bogus” alarm.

They masquerade as popular and/or respected services to make you think they are legit and instinctively gain your trust. Some of my client’s emails pretended to be from a popular Internet Security software and others pretended to be from a popular big-box store tech service department.

What about the different phone numbers in the email? They use temporary phone numbers that are forwarded to other phone numbers and are difficult to be traced later, similar to burner phones.

Don’t Do This

During the process of “cancelling” the bogus subscription the con-artist may tell you that you have malware on your computer. They will explain that this malware subscribed you to their service and it will subscribe you to other services as well.

See how they innocently tie this to the other emails you received, each from seemingly different subscription services? They are making the whole scam seem more plausible by doing this.

Then they ask to remote into your computer to remove the malware. They may even offer it as a discounted billable service. Don’t get out your credit card and don’t let them remote into your computer.

They may also ask to help you fill out their online refund form, again by remoting into your computer. DON’T LET THEM.

If they get a remote session with your computer, they will install malware, remote access, logging and monitoring software.

you’ve Opened the vault

After they fake the subscription cancellation, if they have access to your computer, they instruct you to log into your bank account to verify that your cancellation refund has been received.

Bank vault door

If you do this they can immediately view and access your bank account. They can quickly assess your financial liquidity to see how big of a payoff they can try for. Now they will fake an accidental incorrect 10x or 100x refund in your favor. This is explained as having put in too many zeros or missing the “.” separating the dollars and cents in the number that you and they put in the refund form.

So instead of refunding you $305.03, they look like they have accidentally refunded you $3,05.30, or even $30,530.00. If they are logged into your computer they can make the web page on the screen look like your bank has actually received the incorrect 10x or 100x refund $$$ (done via injecting HTML and CSS into the web page).

NOTE: Even if you don’t log into your bank, if you let them remote into your computer you can bet that they now have malware on your PC waiting to capture your online banking and shopping usernames and passwords.

It’s not just One bad actor

There is a team of hackers working behind the scenes to do this sort of scam. It’s not just one person in their mother’s basement. Those days are long gone.

a group of people working on their laptops

Organized crime recruits individuals to run tech support scam teams. I suspect that once they’ve written the scripts, and rehearsed the plays, they can move their really talented hackers to a new team to mentor and help them get started.

The person you talk with on the phone is the social engineering con-artist. Their job is to keep you busy, giving the others the time they need, making you feel at ease and getting as much trust and information out of you as possible.

Speaking of acting

While sounding distraught and frightened about losing their job due to the refund “error”, they now work to convince you to send back the difference between the accidental overpaid refund amount and the correct refund amount.

In this scenario that would have our client send back either $2,745.27 or $30,197.97. Again, they took a look at your bank account while online with you, and they will have assessed if you look like a target for the higher number or not.

Yup, hundreds of people each year will “return” thousands of dollars to someone that they just met on the phone, from a phone number they called out of an unsolicited email message.

The criminal organization that runs these fake call centers often have their scam scripts very well written, performed by their best con-artists, and many vulnerable people fall for it hook, line and sinker.

How to spot a fake

person holding magnifying glass

An easy “tell” is to check the “from address” of the email. Often it will rarely be from the service that it claims to be from. Many times they don’t go to the effort of faking the sender’s email address, even though it isn’t very hard to do so.

If you are uncertain, ask a trusted online expert to review the email for you, contact your state’s consumer protection department, or get in touch with your attorney and have them look at it for you.

In this case “[email protected]” was clearly a bogus email address.

Additionally, you can copy and paste the contents of the email into a Google search. You can see if others have reported the same email message as a scam online. This works surprisingly well as a way to identify many scam email messages.

Get less junk email

To reduce the number of these incoming spam/scam emails you can setup “filters” in your email program to auto-delete messages with common scam phrases. Yet, be careful that you don’t use phrases that you might see in legit email.

Setting up a filter may look something like: Send all email with the words “Hello User, Member”, or the words “will be reflected within next 24 to 48 hrs” immediately to my deleted folder.

Payback can be educational and entertaining

If you want to learn more about this sort of scam, and be entertained at the same time, check out this YouTube channel to watch a white-hat hacker turn the tables on the scammer.

Can We Help You?

Contact Us if you want to improve your online presence, grow faster, be more effective and efficient online.

We will get you noticeably better results. We can teach you how to properly make new content and perform routine maintenance on your various Internet properties, or we can do it for you.

If you want, our Online Business Management service will manage your online presence for you, maintain social media, do content updates & creation, website software updates and maintenance.

Who We Help

We focus on small to mid-size organizations.  Past examples have been a 1-person entrepreneur growing their retirement nest egg, small town communities, school districts, churches, non-profit organizations, and a nationwide organization with 100 people on staff.

If you don’t have an in-house expert, we want to help – Market Street is here for you.

What We Do

Our online business management services, in-depth training, coaching and comprehensive real-world consulting will help you grow, adapt online, work smarter and more efficiently and effectively.

Market Street also makes easy-to-use and highly effective websites that help you get the word out and engage with your audience. Your content can be text, photos, graphics, audio recordings, and even videos.

Experienced Advice

Market Street has 25+ years of experience consulting in the tech world and online marketing.  We know how to manage the numerous behind the scenes details to get you better results.

We are always learning, reading and researching, testing and trying out new strategies, tactics, processes, software and solutions so you don’t have to.

Contact Us – we can help you!

Photo of author

Author:  Scott Cannon

Helping NPOs & businesses for over 30 years as a technology consultant. I now focus on helping people use their website and social media more efficiently and effectively.

I've been told that I'm friendly, helpful and honest to a fault. I wouldn't believe it if I hadn't heard it myself.   :-)

Let me help you!
Contact me

Leave a Comment