Sometimes, a spam message can look very tempting to the reader. I recently received the following message that’s just too good to be true. Fortunately, my spam filter did move it to spam already…
This is a personal email directed to you.
I and my wife won a EuroMillions Jackpot Lottery of Ј148m EuroMillions in August.
We have decided to donate the sum of Ј2,000,000.00 Pounds to you as part of our own
charity project to improve the life of 5 lucky other individuals all over the world.
All you have to do is get back with us so that we can send you details to the payout bank.
You can verify this via the two link below.
Adrian And Gillian Bayford
Strangely enough, the sender happens to be firstname.lastname@example.org but the email in the message claims otherwise. A check of that MailDX address shows that it’s just another free email provider, like Hotmail, Yahoo or GMail. Since the sender is also a free mail account, I just consider these throw-away accounts. They use it to get your attention and they hope to collect enough information before the free providers will close the account again. And, the trick here is that they use two providers, so one account is closed for sending spam reasonable fast, but the other will continue to work a bit longer. A simple trick, but reasonable effective.
Also interesting is that they did not include any fake URL’s or made up a fake story. The real Adrian And Gillian Bayford did win a nice amount in the national lottery. A nice 148 million in British pounds. Not bad! And sure, they could decide to give away a small part of that amount to a few lucky others, but how would they chose those people? Ask yourself: if you would give away a large sum of money, how would you decide the person who should receive it?
Right! You would not pick a random person from a mailing list. Especially not when that mailing list happens to be used by spammers to spam people. I know it’s on a spam list since I tend to receive several other spam messages on the specific mail alias that has received this message. Anything I receive on that list is most likely spam anyways. Doesn’t bother me, though. My mailbox has a powerful spam filter and the account is just an alias that I can close and discard. It’s just fun to see the kind of tricks spammers will use. And some of their tricks are very sophisticated! Besides, it helps me to recognize those spammers.
So, except for the fact that it was already marked as spam, what other things told me it was spam? And most likely a phishing mail? Well, first of all it sounded too good to be true. Also, a quick Google-search revealed an article on SpamFighter warning people about this message! It never hurts to just search on Google to check if some message is spam or not! The two different email accounts also warned me, especially since both are free accounts. Registering a domain name is not expensive. And by using Google Apps you can also add a mailbox with unlimited aliases to your domain, again for a low price. So this couple could have easily created a real domain with extra information for those people with whom they would share their price.
Also, the lack of the British Pound symbol in the email was a clear clue, since it’s supposed to be British. It tells me that it was sent by someone with a non-British keyboard! That’s very common outside the UK but people inside the UK prefer to type the proper symbol for their currency.
Sending the spam to my honey pot mail account was also a dumb move.