Once upon a time...
[Wed. 29.04.2020, 3:38AM]
An email arrives into our Raz Technology main mailbox.
What do you see already that trigger your curiosity and you should be careful about?
1. The time, it is a bit unusual for an official email to be sent at a this hour.
But you can imagine that there is a time difference.
2. The email address of the sender: firstname.lastname@example.org
The address isn't matching the platform itself : shopify.
3. The dates mentioned: the billing is usually happening at the very end of the month however the date mentioned on the email is the 20th.
4. The terms used aren't highly professional: "unfrozen".
5. The physical address isn't written properly.
6. Year of registration 2020 isn't correct.
7. The subject line of the email: "Payment delay", "Billing", "Urgent" : no warning before, sense of emergency.
What are the next steps?
1. Check on the back end of your e-Commerce platform, or bank account your billing details the dates of the past direct debit.
2. Check the web address of the link provided: the link is most probably suspicious, it will be signaled by your firewall. If not, check the domain, it is most probably not Shopify domain.
3. Check the query: if it asks you to reenter, or enter a payment method.
4. Report the fraud via email to the service provider, here Shopify at https://help.shopify.com/en/questions#/contact/email.
This is important to prevent other people to fall into the trap.
Do it for the team, as they say.
5. (Optional) if you feel like a detective and want to play their game a bit, you can reply to the scam email asking for more information about the payment, company or date of the last payment received, which is easy to check.
14 minutes ago
billing @ shop*****.com
Thank you so much for notifying us of this delay in payment.
We didn't notice it in the first place.
Could you send us banking details to pay EFT directly the 3 bills that are delayed?
Thank you in advance,
6. In this specific case, I received an email back: "Message not delivered:1 recipient". In fact, the email used has been deleted to avoid tracking. Most probably a few people got fooled and enter their banking details.What's a scam?
\ ˈskam \
"Scams target people of all backgrounds, ages and income levels across the world. There's no one group of people who are more likely to become a victim of a scam, all of us may be vulnerable to a scam at some time.
Scams succeed because they look like the real thing and catch you off guard when you’re not expecting it. Scammers are getting smarter and taking advantage of new technology, new products or services and major events to create believable stories that will convince you to give them your money or personal details."
2. Do some research about who you're dealing with. Most probably someone reported it already. Google is your best tool.
3. Do not open suspicious emails, texts, attachments, links.
4. Keep your personal details secure.
5. Keep your devices secure.
6. Choose your passwords carefully.
7. Be careful when shopping online.
8. Poorer quality presentation, poorer quality grammar and spelling, generic rather than personal greeting, names of organisations that don't exist.
9. Check the different types of scams: Unexpected winnings, unexpected money, threats and extortion, jobs and employment, investments, fake charities, dating and romance online, buying or selling, attempts to gain your personal information, COVID-19 scams.
There is no understandable reason for malicious people to operate, but they do and we'll have to deal with it.