Showing posts with label scam prevention. Show all posts
Showing posts with label scam prevention. Show all posts

Wednesday, August 5, 2020

Watch Out for This Sneaky Email Scam - And a Super-techy Lesson on Email

On Monday I wrote about an email scam that tries to trick people into thinking they have violated a photographer's copyright and need to add a link to their websites to remedy the problem. Yesterday, I had another sneaky scam attempt land in my inbox.

The scam attempt that landed in my inbox yesterday can in the form of an email stating that an account had been created for me at Forte.net (a legitimate online payment processor) and that I needed to click the link to confirm my account. I was immediately suspicious because I didn't create an account. Obviously, I didn't click the link and I didn't copy and paste the URL that the email suggested I follow. What I did instead was head to the support page for Forte.net and filed a fraud report. Within minutes I got an email back from them. All of this is documented in this short video that I recorded yesterday afternoon.


What's the purpose?
You might be wondering why someone would try to use my email address or your email address to register for an account on a service. Sometimes this is done as part of identity theft attempt (often in the case of trying to register for payment services). Sometimes this is done as part of a larger attack designed to get hundreds or thousands of people to click a link that takes them to a nefarious site for a variety of purposes including the spread of malware.

The lesson to share.
What is significant in this little story is to always be suspicious of emails that state you have a new account created for a service that you didn't intentionally register for. And don't reply to those emails. Instead, go directly to the site if you want to do some investigating. Finally, always look at the "from" addresses, the "mailed by," and "signed by" addresses.

A Technical Lesson on Email Forensics
If you want to dive into the nitty-gritty of how email really works and how to analyze the sender of an email, watch this video.

Monday, August 3, 2020

Don't Fall for This Image Attribution Scam

Anyone who has followed my blog for a year or more knows that I am nothing if not vigilant in promoting the use of public domain imagery in blog posts and other multimedia projects. To that end, I have used Pixabay for years to locate images to use in my blog posts. Pixabay clearly labels all of the images they host with "Free for Commercial Use. No Attribution Required." That's why this morning I was taken aback when I got the following email:

Hi Richard,
You are using my client's image (attached below) in one of your articles https://www.freetech4teachers.com/2018/05/three-ways-to-develop-programming.html. We're glad that it's of use to you :)

There’s no issue if you've bought this from our market partners such as Shutterstock, iStock, Getty Image, Pexels, Adobe, Pixabay, Unsplash, etc.,

However, if you don’t have the proper license for the image then we request you to provide image credits (clickable link) on your article. Or else this will be against the copyright policy.

Unfortunately, removing the image isn't the solution since you have been using our image on your website for a while now.

Feel free to ask any questions that you may have.

Rodney Sherwood
Content Head
Anti Spam Reporter
There are a few things in this email that triggered my Spidey senses to a scam.

1. No mention of the actual client.

2. "Rodney" represents an "anti spam" firm. Any legitimate copyright protection claim/ DMCA claim would at least be formatted with link to the original image source (a requirement in making any defense of your copyright, something I know from filing dozens of DMCA notices over the years) if not filed by a law firm specializing in intellectual property.

3. "Rodney" cites Pexels, Pixabay, and Unsplash as one of his company's "market partners." A quick search of his website makes no mention of those partners. Furthermore, Pixabay, Pexels, and Unsplash are quite clear in saying that attribution is not required.

4. This key tip-off was "Rodney's" failure to mention the website that he wants me to link to.

How I responded.
1. Just to be sure I was in the right, I did a reverse image search and landed back on Pixabay where I confirmed that I had the rights to use the image.

2. Took a screenshot of Pixbay page that hosts the image.

3. Sent the screenshot to "Rodney" and told him to take his spam elsewhere.

How you should respond.

1. Double-check that you have rights to use the image in question (a quick reverse image search is the easiest way to do this).

2. Mark the email as spam and delete it.

What's the purpose of this scam?
The purpose is to try to get website owners to link to a specific page or site in attempt to increase the number of pages linking a site. It's the same reason why the comments section of blogs get spammed with ridiculous links.

Good Places to Find Copyright-friendly Media
Back in May I published an updated guide to finding copyright-friendly media for classroom projects. You can find it here on PracticalEdTech.com