Common SCAM and SPAM Emails

C

Questionable SPAM emails, contact form submissions, and even unsolicited snail mail letters are often sent to me by my web design clients for review.

I appreciate that my clients see me as a digital expert and reach out to me directly, even for SPAM email questions. Sometimes a client just wants a second opinion, asking, “Can you confirm that this is junk and I can throw it out or ignore this email?” Other times, I can’t help but think, “You could easily find out the answer to this question with a single Google search.” (Congratulations, you likely found this page because of a Google Search!)

These are a few of the most common SPAM email attempts I’m asked about: copyright violation emails, domain expiration letters, and google recovery emails.


In 2020 and 2021, I’ve seen multiple versions of a scam email that starts by reading:

Your website or a website that your company hosts is violating the copyright protected images owned by me personally.

Email or Contact Form Spam

The most important thing to know about this email is that it is fake and is trying to make you install ransomware! Yikes! You can read more about this destructive Trojan in an article written by Josh Kirschner on Techlicious.com.

Copyright violation SPAM email. This letter is official notice. I demand the removal of the infringing materials referenced above. Please be aware as a company, the DMCA demands you, to eliminate or/and deactivate access to the copyrighted content upon receipt of this letter. If you do not cease the utilization of the previously mentioned infringing materials a legal action will likely be started against you.

IDNS Domain Name Expiration Notice

While not directly SPAM, this is an unsolicited snail mail offer that is written in a way that confuses consumers. You are receiving this letter because you already OWN a domain name with another registrar. Your domain name is VERY LIKELY NOT registered with IDNS. (If it was, you’d likely already be on an auto-renewal plan and would be receiving an email about auto-renewals).

Your domain name is likely up for renewal with GoDaddy, Bluehost, Name.com, or another popular registrar. Moving a domain name takes valuable time and is rarely worth the effort. Moving a domain registrar is definitely not worth saving a few dollars or in this case, paying more!

Most importantly, the advertised pricing in solicitation letters is often much higher than the industry standard. You can renew your domain for less than $10 a year at namesilo.com. IDNS is charging $50/year for the same renewal service!

My take: you can safely shred or throw out this piece of junk mail!

iDNS Domain Name Expiration Notice - paper snail mail. Safe to ignore and throw out. Most importantly, this pricing is much higher than the industry standard. You can renew your domain for less than $10 a year at namesilo.com. IDNS is charging $50/year for the same renewal service!

Phishing Email for Google Recovering Email Address or Security Alert [Often in Russian]

The important thing to do is here is DO NOT click any links in this email. You do not want to accidentally approve or link an unknown external email address to your account.

Remember a real google email is something very simple like noreply @ google.com — an email with a subdomain such as accounts.google is not really from Google. It is very confusing because the “From Name” reads as simply Google.

Any email received from a google address that has the subdomain name of accounts in it is spoofing.

no-reply@accounts.google.com 

Note the word accounts before google.com makes this is a spoof email address and a phishing spam attempt.

Phishing attempt spoofing Google. Fake email address is accounts.google.com. Official google emails come google.com.

Learn more about the email recovery Google Phishing Scam in this Google Support thread.

Website Authority Marketing (Looks like a physical bill mailed to you)

Marketing services solicitation for Website Domain Authority - sent as a physical letter.
Marketing services solicitation for Website Domain Authority – sent as a physical letter.

Bitcoin Giveaway from domain.ai email

A phishing email attempt I’ve seen a few times uses the prompt below but subs [domain] with the business owner’s domain name. The red flag in this email is that most business owners own the .com version of their business website, not the .ai version. The .ai domain extension is a country code for Anguilla, a Caribbean nation. The advice here is to mark the email as SPAM, ignore and delete the email.


Hey there,

I got an email from ekaterina@[domain].ai, asking me to fill my personal info on some Google form to participate in some ‘bitcoin giveaway’ and as I found it lil fishy, I googled “[domain]” and found your site, which seemed legit to me. This is the second time that I have received such an email in the last few days so i couldn’t hold myself but ask it out.

Tell me what to do about this…


Did any of these examples help you?

I hope these examples saved you some grief, and maybe some money, too. If they did, let me know in the comments!

About the author

Kelly Barkhurst

Designer to Fullstack is my place to geek out and share tech solutions from my day-to-day as a graphic designer, programmer, and business owner (portfolio). I also write on Arts and Bricks, a parenting blog and decal shop that embraces my family’s love of Art and LEGO bricks!

Add comment

By Kelly Barkhurst

Recent Posts

Archives

Categories