This morning I got an email that I am $4,311 late on invoices. Crap.
Oh, wait. This is from the evil scammers. I don’t use the word evil in jest. I am absolutely disgusted by people who do this.
People, PLEASE slow down. Look, think, ask questions, and be a little skeptical. Whether it is a phone call, an email, or whatever, please slow down, don’t panic, and figure out if it is real. The stories of scammers are so horrid, and that gmail and skype and other systems don’t have better checks in place is, in my opinion, appalling.
No, you problaby don’t owe thousands of dollars. No, you aren’t going to come into tens of thousands of dollars of free money. And no, your daughter is probably not abducted (I just watched something on this, where they have a girl screaming in the background and swear they will kill your kid, but it isn’t your kid). Sick opportunists.
Unfortunately, this is happening to the huge number of job seekers, with fake jobs.
The problem is that right now we are in a state of panic, and when we see something, whether it is scary or exciting, we jump before we look. PLEASE LOOK.
So, let’s break this down. I kind of hate doing an analysis like this because the bad people who put this together can learn how to clean up their evil. But I want you to see what to look for. Let’s break down this email:
1. No one really talks like this. It’s close… it wasn’t THE red flag, but it was just off enough that it looks weird. I’m guessing this is common language for wherever Mr. Evil is from, but something sounds fishy.
2. The name part of the email address, to the left of the @, doesn’t match the name. Normally I’d expect it to be Ayla@ or a.luka@ or Aylaluka@ or something like that, but in this case there is no connection between the sender’s name and the email address.
3. This is a HUGE red flag, and BAD ON AOL for allowing this crap to go through. A legitimate company will not send you an email like this from an aol address. Nor will they send it from Yahoo, or Juno, or Gmail, etc. This email should come from a corporate address… and this right here is the first major red flag.
4. I didn’t catch this on the first pass, because I skimmed to the body, but notice WHO this is to. I am not rzclyryyf. If you click the down triangle/arrow (I did), you’d see that isn’t even a real email. I got it because it went to my JibberJobber email system, and as owner/admin I get all emails that are not assigned to someone on my team (for example, I would get email@example.com). But look to see WHO the email is addressed to… another red flag.
I won’t begrudge poor writing in general because we all write poorly. I could probably look through my emails and find a dozen examples, mine or from other people, that look like they were written by Mr. Evil. Having said that, let me show 12 yellow or red flags. Again, I hate educating Mr. Evil so he can do better next time, but YOU have to be vigilant, and here’s what should alert you:
1. “In view of your payment documents”…? Nope. Not in view of anything, and I don’t have payment documents. Red flag.
2. “an unpaid invoices” an is singular, invoices is plural. Anyone typing too fast could make that mistake but this just adds to the BS meter. Yellow flag.
3. “Period of Sep-Dec” Generally companies do quarters… so it should really be Oct-Dec. Very subtle… but it is “off” just enough that, combined with other things, you should be saying “wait a minute!”
4. “Numbers of those invoices” and then it has one invoice number (which seems too long). You have two plural words but only one invoice. Now I’m really getting suspicious… accounting people usually aren’t this sloppy.
5. “$4311,98” Notice there comma is in the wrong place (for US customers) and there isn’t a period in the decimal. The main thing that made this pop out was no one in the U.S. would write that amount without putting a comma after the 4, like this: “$4,311”
6. “settling the debt”? Nope, wrong language. Yellow flag.
7. “was March 31, 2020.” I got this email on March 27th. It should say “is”… but having this kind of notice days away from the due date is just a little weird.
8. In the attachment I’ll “find a list of unpaid bills with all the details”? Poorly written… and this just seems off. Yellow flag by itself, but by now you should be screaming NO NO NO.
9. Everyone should take their bills seriously, but to have someone write it this way…? Nope.
10. Who “clears their bills?” Not U.S. people. Wrong language Mr. Evil.
11. “after you open this message.” Oh really? I had to open it to read it… this is just poorly worded, and should be a yellow flag.
12. The R should not be uppercase, but I’ll give that a pass. The thing that throws me here is there is no spacing between the message, the regards, and the name. Normally a signature is created in the signature feature of email, and isn’t bunched up to the body like this.
Alright let’s bring it home. Here are the last few things:
1. Pigging-backing on #12 above, this email signature is all wrong. The name should be with signature block… this is weird formatting. Yellow-to-red flag.
2. I copied this company name into Google and guess what… they are investment advisors. They are in Newport Beach, California, not Montana. Their area code is 949, not 517. It took me 4 seconds to make those comparisons. The company name exists but the industry is not what I was expecting, and the locations are wrong. Definitely a red flag if you take a few seconds to google it.
3. I also checked this address. Turns out (big surprise) it doesn’t exist. Red flag.
4. Notice anything off about the phone and fax numbers? Aside from missing the dash in the right place on both numbers, there aren’t enough digits. If you are worried about being late on your multi-thousands of dollars payment you probably wouldn’t notice that, unless you were skeptical going into this.
5. I must not get enough xls attachments in my email because I was immediately skeptical of this… it just looked weird. … update: I just sent myself a real xls file and it does not have that weird “office” banner on the top, nor does it have what looks like an off-color error message. Yellow-to-red flag right there. Also, the name of the file looks weird… the numbers don’t even match the fake invoice number in the body.
Okay… I’ve given you 21 yellow or red flags in this very short email. I don’t expect you to memorize any of them… but don’t open attachments or call the Mr. Evils of the world out of fear or excitement.
What do I do with this? In Gmail, I click the hamburger icon here:
Then, from the dropdown I choose this (and then click the blue button on the next screen):
You might want to reply back and try to game Mr. Evil, or lecture him. Don’t even waste your time. Just report phishing and hopefully Gmail and AOL will get better at shutting down that email address. And then move on with your life.
Mr. Evil, you are welcome for this consulting. Please email me back so I can send you the bill. Loser.