scam stock.jpg

LARAMIE — Wyoming citizens reporting phishing emails to help their friends and neighbors avoid scams is why the CyberWyoming Alliance set up phishing@cyberwyoming.org. For the May 3 edition of the Hacker’s Brief, an email from Beverly Hills Rejuvenation Center was reported by a Sheridan citizen and was mistaken for a scam. However, the email was real and the CyberWyoming Alliance has printed a retraction.

This creates a great learning experience for CyberWyoming Alliance staff to take that extra minute to research the scam reported by the citizen, a normal practice that was missed for this email on May 3.

Research includes a combination of the following tools and searches.

1. Checking the sender’s address.

• Could it be a real domain? A simple Google search gives a clue.

• If it looks real, then CyberWyoming Alliance staff check the sender’s information on LinkedIn or Facebook and instant message that person to ensure they really are who they say they are and that they really sent the message. CyberWyoming Alliance staff have even looked up company’s phone numbers on the web and called directly to ask the receptionist if the employee works there.

• Checking the company with the BBB’s website.

• Checking to see if the company’s social media sites reference the same website or domain name.

• Copying and pasting the email address into MS Word and changing the font to be sure that the domain isn’t spoofed by changing a small l (L) to a capital I.

• Running the URL on websites like VirusTotal to check to see if they are legitimate.

2. Checking the links by hovering to ensure that they direct the user to the correct site.

3. Using Google searches to see if the scam was reported by others, like the FTC or the BBB.

These research tips are great for anyone receiving suspicious emails, but marketers also have to be aware of their email construction. The Sheridan citizen assumed the email was fake because the “Hi ___” was an initial and not her name, she had not asked for information about the company, the offer was aggressive, and the signature line looked very generic with no logo or branding. Her Spidey-sense was definitely going off when she reported this email to the CyberWyoming Alliance.

Specifically, cold call emails put real companies at risk for being mistaken for fraudsters. In a recent webinar, our sister organization CyberWyoming suggested marketers need to craft better messaging in emails, provide transparent links in any emails, be sure not to include attachments, avoid sending generically addressed emails, develop relationships with those on their mailing list and consider approaching potential customers using other methods to gain legitimacy and brand awareness. For instance, the CyberWyoming Alliance has found that direct mail in Wyoming still works because customers know that mail fraud is a federal offense. 

The CyberWyoming Alliance regrets this case of mistaken information and apologizes for any inconvenience this may cause to Beverly Hills Rejuvenation Center. The CyberWyoming Alliance is a nonprofit.

Recommended for you