Avoiding becoming a victim of email phishing scams involves being vigilant and following some best practices to recognize and respond to phishing attempts.

Phishing is a cybercrime technique in which unsuspecting individuals are contacted via email, telephone or text message by someone posing as a legitimate business or reputable person.  The emails try to lure people into providing sensitive data such as personal information, banking and credit card details, or passwords.  

Here's how you can avoid falling for email phishing scams:

Verify the Sender

Check the sender's email address. Be cautious if the sender's address looks suspicious, contains misspelled words, or is from an unfamiliar domain. Be particularly vigilant of email addresses that impersonate trusted organizations or people – if you look closely there is usually a slight misspelling of the email address.

Never Trust Unsolicited Requests

Be skeptical of unexpected emails asking for personal or financial information. Legitimate organizations typically will never ask for such information via email. Verify the legitimacy of the request independently, preferably through official channels like the company's website or customer service.

Check for Spelling and Grammar

Phishing emails often contain spelling and grammatical errors. Be on the lookout for these signs.

Look for Generic Greetings

Generic greetings like "Dear Customer" or "Hello User" are often used in phishing emails. Legitimate organizations usually address you by name.

Hover Over Links

Before clicking on any links, hover your mouse pointer over them to see the actual web address the link leads to. Make sure it matches the official domain of the organization. Be cautious of shortened URLs, as they can obscure the true destination.

Don't Open Suspicious Attachments

Avoid opening email attachments or downloading files from unknown or unverified sources, as they could contain malware.

Beware of Urgent or Threatening Language

Phishers may create a sense of urgency or use threats to pressure you into taking immediate action. Be cautious of such emails and take time to verify the claims.

Use Email Filters and Anti-Phishing Tools

Enable email filters and anti-phishing tools provided by your email service provider to help detect and filter out phishing attempts.

Double-Check URLs and SSL Certificates

Ensure that the websites you visit have a secure connection by looking for "https://" in the URL and a padlock icon in the address bar. However, this alone is not foolproof, so other precautions are necessary.

Verify Requests for Personal Information

If you receive an email requesting personal or financial information, especially if it's from an organization, contact that organization directly through official channels to confirm the request's authenticity.

Regularly Update Your Email Password

Change your email password periodically and use a strong, unique password. Consider using a password manager for added security. Create complex and unique passwords for your online accounts. Consider using a password manager to help you generate and store these passwords securely.

Don't Ever Share Personal Information via Email

Avoid sending sensitive information like Social Security numbers, credit card details, or passwords via email.

As always, Keep your antivirus and anti-malware software up to date. Regularly update your operating system and other software to patch any security vulnerabilities.

By following these guidelines and remaining cautious, you can significantly reduce your risk of falling for email phishing scams. Phishers rely on the element of surprise and deception, so a skeptical and informed approach is your best defense.

If you received a letter from Domain Name Services, Do not pay! It’s a scam! Throw it in the trash. 

This is a scam company (util.com) that sends what at first glance looks like a bill.  The letter says your domain is about to expire and you can take advantage of their “best savings” to renew it.  This company will try to get you to transfer your domain to them so they can charge over 3 times the usual cost, and probably hold your domain name hostage.

If you have registered your own domain through a company like GoDaddy, they will be the ones to contact you when it’s time to renew.

Unfortunately, domain name registration and renewal scams are very common. I get a couple of emails every month from clients asking what they should do with a letter/bill they’re received.

If you read the letter you’ll notice that it actually says “This is not a bill” but obviously there are enough people who fall for this because they send these notifications out quite regularly.

If you get one of these letters, and you are not sure if it’s a scam:

1. Contact your web developer (if they have registered your domain for you).
2. Log into the account where your domain is currently registered (if you have registered your own domain name).
3. Confirm when your domain is going to expire. And renew it if you need to with your current provider.
4. Make sure the credit card on file is still valid (and will be valid on the renewal date). If not, update it.
5. It’s a good idea to have your domain on auto renew!

If you sent a company like this money – it’s gone.  If you gave them your credit card – you need to cancel that card right away!

Never pay a bill you weren’t expecting without first checking with your website or IT people.

There are some larger marketing companies who occasionally contact my clients.

One company in particular from California spends quite a lot of money. They drop off toolboxes full of cookies, Yeti Tumblers, and even boxes containing a LCD Video Brochure (a video screen that played a commercial). According to this company, all they want is “15 minutes of the business owners time”.

Companies like this use aggressive salespeople who are only trying to make their commission. They promise the world, and sometimes they want to take over your website and then hold you hostage. You will get billed $600 to $800 per month for SEO services (more if they talk you into PPC) with a contract that is almost impossible to get out of.

They will say they have over 400 employees (the majority of them are salespeople), but they may outsource most of their web development and SEO to India. This is why your “customer service rep” will never be able to answer questions or get any work finished in a timely manner.

They do have lots of reports with pretty graphics that make little sense.

One of these salespeople who contacted a client had to brag in an email about her mad skills:

Jane Doe
Principal Sales Development Representative
Mar 2022 – Present

• Top-performing SDR out of 60+ reps for the last 3 consecutive months, with an average quota attainment of 280%+
• Consistently ranks in the top 5% on outbound activity metrics month over month, with an average of 40 dials and 40 emails per day
• Promoted 2x in my first 7 months
• Currently holds two company records for ‘most demos scheduled’ and ‘most demos performed’ in a one month period

I guess their priority is sending emails and cold calling to get new business. They need to reach their quota!

If a salesperson for a mechanic called you out of the blue and said you needed a new transmission – would you run right over to that garage and schedule the work?

It’s one thing if you are a huge company and have the money to spend on marketing. But if you are a smaller business you need to make sure you get the most bang for your buck. If you are using a local web development or marketing agency you will have partners that can grow with your business. They may not be dropping off toolboxes of chocolate chip cookies, but they will be there when you need them!

If you have a website, then you probably receive spam SEO emails on a regular basis by scammers trying to make a quick buck, or worse yet doing something malicious.

Naturally, when I receive a spam email it’s mild annoyance and I just delete it. But occasionally, a newer client will forward a spam email that claims their website isn’t as good as it should be. And sometimes even ask “is this something I should be worried about” I can’t blame the client if they want to know what’s going on, after all – it’s their business and their livelihood and anyone would be concerned if they kept getting emails saying their website could do better.

You’ve probably received emails like these:

“I found your details on Google.com and I have looked at your website and realized your website has great design but your website ranking is not good on all search engines Google, AOL, Yahoo and Bing.

Do you want more targeted visitors on your website? We can place your website on Google’s 1st Page. Yahoo, AOL, Bing. Etc. “

Or…

“I have just analyzed your site for the current search visibility and saw that your website could use a push.

We will increase your SEO metrics and ranks organically and safely, using only whitehat methods, while providing monthly reports and outstanding support. Please check our pricelist here, we offer SEO at cheap rates.

So, why do we get so many unsolicited emails that promise “Guaranteed Rank No.1 In Google” at a very cheap rate? Most of these emails are automated, it’s almost the same exact message but from different email addresses. Spammers will illegally buy lists of email addresses from unscrupulous list vendors, use programs that scour the internet and grab email addresses from websites, and other dishonest methods of getting someone contact info.

But you may be asking yourself: is there any risk from getting these e mails, and should I respond to them and ask to stop emailing me?

The Risk

Many spam emails do contain phishing attempts or malware. Never click on any link or open any attachment. And as tempting as cheap SEO may sound – giving some stranger in India access to your website and a credit card number is just a recipe for disaster.

Should I respond?

I always recommend to never respond to any spam email – that only lets the sender know they have a real person on the other end of the line. Responding to spam will probably just create even more spam emails.

I can understand how someone who gets emails almost on a daily basis saying there are problems with their website may start wondering if something is really wrong. Sometimes these spam emails offer a free SEO report or consultation. They promise to improve sales, they claim to be experts at organic SEO, they always sound like they just want to do you a favor and help make your website better – for dirt cheap.

The things you will always notice about these kinds of emails:

1. They are always completely unsolicited.
2. They rarely list a company name in the email, usually never a website, and never an address for the business.
3. The emails always come from someone using a free email account i.e. Google or Hotmail.
4. No Phone number.
5. The emails usually have grammar and spelling mistakes.

Proper SEO can never be accomplished overnight, it takes a long term strategy from a legitimated SEO business with a proven track record. Search engine optimization, done well, can help your business expand your online presence and attract eager buyers for your products and services.

If you didn't request any information about SEO services, and you don't know the sender, there’s a 99.9% chance it’s spam.

You’ve heard it a million times… but “If something sounds too good to be true, it almost definitely is”.

There are web development companies all over the world – legitimate web design companies!

A lot of spam emails claim they are part of a large group of professionals from India and they want to design your next website. Sometimes these are start-ups or inexperienced tennagers, but sometimes these are malicious emails just trying to get your information and take your money.

You’ve probably seem an email like this:

Hello,

I sincerely hope you are doing well.

We are India based Web Design company with primary focus on SEO based Website Design & Development (PHP development).

We have a dedicated team of 150 professional designers, developers and SEO specialists; especially for Graphic/Flash/3D designing.

We can assure you of getting quality works. Most firms overseas have achieved a significant amount of savings by outsourcing either part of, or their entire work to us in India.

We would like you to give us an opportunity to work with your company and AMAZE you with our service.
Please let us know in case you are interested.

Kind Regards,

Damita

They always use an outlook email or Google email address (Free email accounts). Never a full name, phone number, company name, address, or website.

Some spammers will crawl the web to collect email addresses so they can sell them to other spammers. An email address once posted on the web is likely to be spammed forever, even if was removed from the web.

Hi,

I am reaching out to see if there is anything that would like to upgrade, repair, or redesign on your site.
I am web Designer / Developer that can do just about anything you can imagine at very inexpensive prices.

Let me know what you think.

Thanks & Regards.

Akshay

And...

Hi,

I am Georgiaa Web Development Manager in India and I work with 100+experienced IT professionals who are into:
Website Designing, Web Development, PHP Development, e-Commerce solutions, iPhone And Android Apps Development.

May I know if you are interested in any of these services?

If you are interested, then I can send you our past work details, company information and an affordable quotation with the best offer

Thanks & Regards,

Georgia

Web Development Manager

Back in 2012 there was a BBC article that said India was leading the world in junk emails. But times change.

According to Digit News in 2021 almost half of all emails sent were spam, with Russia as the top country of origin (24.77%) with Germany (14%), China (8%) and the US (10%).

Maybe I receive these emails from India because I manage a lot of domains. But I have to assume everyone who has a website gets these kind of emails (spelling and grammar as it was received).

Hello,

My name is Liliana Donato, and I am from India. I’m just checking with you to see if you’re interested in redesigning or upgrading your site, or if you’re interested in building a whole new site completely.

If so, I’d love to tell you a little bit more about my abilities and show you some of our work. We are having a very skilled website developer in our company with various abilities and can develop anything.
I look forward to hearing from you.
Thanks,
Liliana Donato.

Sometimes they use American sounding names:

Hello,
My name is Cheryl, I’m just checking with you to see if you’re interested in redesigning or upgrading your site, or if you’re interested in building a whole new site completely.

If so, I’d love to tell you a little bit more about my abilities and show you some of my work. I am a very skilled web designer with various abilities and can develop anything.
I look forward to hearing from you.
Thanks,
Cheryl.

Some of them claim to be a leading Search Engine Optimization Company.

HI ,

Hope you are doing well.

My name is John and working with a reputed leading Search Engine Optimization Company having the experience of getting our customer's websites top in Google and producing high revenue with top page rank.

I was searching related to your business on Google and saw your website is not on first page on Google for most of the relevant and user oriented keywords pertaining to your domain so
I was wondering.

If you would be interested in getting very Affordable Search engine optimization done for your website.

You Can contact me with:-

I'd be happy to send you our package, pricing and past work details, if you'd like to assess our work.

Feel free to discuss any other any queries.

Thanks & Regards
John
Manager-Business Development Team

As with any spam email, they get sent out because enough people will reply or follow a link. I don’t know of any other time or situation where you would encounter this type of unwanted communication.

What if you came home and there was a note on your front door that said: “I am a very good housekeeper, I work cheap hire me – Bob” Or if you received a letter from an unknown dentist that said you needed a root canal and to schedule an appointment – but it gave no address or phone number, only a first name and a Gmail address?

My name is Ryan and I run a website design firm with 70+ web designer.
Are you looking for a reliable and affordable website designer?

Our web designers specialize in HTML/CSS, PHP & MySQL, WORDPRESS, and GRAPHIC DESIGN...
PS: - if this is something, you are interested please respond to this email for Portfolio and Price list.
Thank you
Ryan
Business Development Executive

These are some of the ways you can tell if an email message is spam.

The message is sent from a public email domain

No legitimate organization will send emails from an address that ends ‘@gmail.com’, @AOL.com, @Outlook.com, @Yahoo.com Etc. A legitimate company will have their own email domain and company accounts.

Always look at the email address, not just the sender. A sender can use a bogus email address and select a different display name.

The domain name is spelled wrong – but just enough that it’s almost unnoticeable.

Always check the sender's email address listed at the top of your email client. Anyone can buy a domain name from a registrar. Every domain name must be unique, but there are plenty of ways to create email addresses that almost look right.

For example g0daddy.com, goda66y.com, paypall.com, ammazon.com… A scam email usually has a fairly bizarre email address behind what looks like a genuine sender name.

The email is poorly written

Poor spelling and grammar won’t be picked up on as easily by more gullible, older people, or people who have compromised IQ’s. This is why the famous Nigerian Prince scam is still around after all of these years.

Suspicious attachments or links

Never open any attachment from someone you don’t know – just don’t do it! Especially if there is an attachment and the sender never mentions anything specific about the document.

If you get an email that looks suspicious – never click on any links in that email. However, you can hover your cursor over links contained within an email to determine if the link URL is legitimate. If you have an email that looks like it’s from American Express you would expect to see a link something like: https://www.americanexpress.com/someothertexthere. If it’s a malicious email you will instead see something like http://russianscam.americanexpress.ru – or a long line of gibberish.

Sense of urgency

Legitimate email messages should not urge you to act quickly or try to frighten you by mentioning problems with your website or how much money and visitors you are losing.

If it sounds too good to be true

The old saying – if it sounds too good to be true it probably is. Also – nothing is free…

Promises of first page on Google, more visitors, free web design, hundreds of IT professionals, etc.

Hi there!

I hope you're well.

My name is Jospehine Waris I work for a local Search Marketing company in California.

I was doing some research on some of your competitors when I came across your website.

I ran an analysis on your website using one of our softwares and I have found some areas and simple coding issues that are harming your search rankings.

Would you be interested in this report?

I am more than happy to send it to you (free of charge of course) all I want is the opportunity to discuss how I could help improve the search traffic and customer enquiries you receive from your site?

May I send it to you?
Kind Regards,
Josh Waris

Or...

Hello,

Hope you are doing great.

I wasn't sure if you had seen the error report for your Website listing or not but when I come across your website while checking 3-4 pages of Google Result, I found some issues in your website which can be resolved by yourself even if you are not so much technical.
So if you give me the permission, I would love to share you report for your website without any charge.

Let me know if you are interested.

Regards
Samantha

If you are interested in the free of cost and no obligations audit and keywords recommendation report, please reply to this email and one of our consultants will share the report.

Or...

Hi,

My best designer built you an amazing new design for your website. May I send you the link?

Thank you,

 

Lately a lot of us are getting bombarded with unsolicited and poorly written emails from Eric Jones. 

They usually come through a website contact form, and even adding Google reCAPTCHA to the form doesn’t seem to help. Every email is sent from a different IP addresses, so we can’t block the IP. 

A typical email looks like this:

First name: Eric
Last name: Jones
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: 555-555-1212

Share your experience or ask a question: Hi, my name is Eric and I’m betting you’d like your website to generate more leads.

Here’s how:

Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number.  It signals you as soon as they say they’re interested – so that you can talk to that lead while they’re still there at americasrepairforce.com.

Talk With Web Visitor – CLICK HERE http:// talkwith webtraffic.com for a live demo now.

And now that you’ve got their phone number, our new SMS Text With Lead feature enables you to start a text (SMS) conversation – answer questions, provide more info, and close a deal that way.

If they don’t take you up on your offer then, just follow up with text messages for new offers, content links, even just “how you doing?” notes to build a relationship.

CLICK HERE to discover what Talk With Web Visitor can do for your business.

The difference between contacting someone within 5 minutes versus a half-hour means you could be converting up to 100X more leads today!

Try Talk With Web Visitor and get more leads now.

Obviously, that alias “Eric Jones” is fake. So who is hiding behind this mass spam campaign?

There is no company phone number or address, there is a website though - total scam with no contact info on that website. No legitimate company would send out so many spam emails. 

Digging around on the internet it appears Talk With Web Visitor is operated by a Canadian company Trade World Corporation. Of course they have a F rating with the BBB, and the reviews show that other people and web companies have been continuously spammed by them.  Some unfortunate people have even signed up for their service only to find that it is nearly impossible to cancel the account.  Apparently, once they have your credit card number they will just keep charging it.

You may also get a version of this email with a link to another website – Jumbo Lead Magnet.

Some of the online reviews for Talk With Web and Trade World Corporation:

“Trade world corporation is a SCAM!”

“If you try to terminate the service … You CANNOT!     They will make you go to a special web page which requires a CODE to terminate the service.  They WILL NOT Give you this code”

“They will KEEP ON CHARGING YOUR CARD EVERY MONTH!!!”

“They will SPAM you FOREVER.”

“Do a search on talk with lead review. LOOK at all the RIPOFF REPORTS!”

If you receive an email from these people , assume it originated from a criminal. Do not contact the sender of the above email. Do not provide them any of your personal information, Do not click the unsubscribe link. Do not send them any money. The only intention of the scammer who sent this email is to steal money and information.

Always avoid all website links that any scammer sends to you because their websites are all fraudulent and may also contain hidden Malware or Spyware.

The best thing to do is to report deceptive or suspicious spam to the Federal Trade Commission.  You can forward the email to This email address is being protected from spambots. You need JavaScript enabled to view it.. The FTC uses the spam stored in this database to pursue law enforcement actions against people who send deceptive email.