How do you know if an email is real or just a scam? If you’ve ever wondered this before, join me as I expose an email scammer and walk you through the process I used to uncover the truth behind the lies.
Be sure to subscribe to the All Things Secured YouTube channel!
Like many people, I receive a daily barrage of spam emails practically every day.
It used to be that the emails were easy to spot: the typical Nigerian prince or “you’ve won the lottery!” type stuff.
But email scammers are getting much more sophisticated, as this most recent example shows. And interestingly, they’re not always looking to scam you out of money or your personal information.
In this article, I’m going to walk you through the process of exposing this email scam and show you what I did that made them take down their website and delete the email address!
I hope you enjoy and learn from my experience!
Anatomy of an Email Scam: The Copyright Lawyer
A few weeks ago, I received an email from a woman named Jillian who claimed to be a copyright lawyer. It was written in proper English, with good grammar, and was delivered through my website contact form.
It has come to the attention of our client that this website, which you own, used his images without approval and without any proper credit to the copyright owner.
I’ve been blogging for more than a decade now and in the past I’ve inadvertently used images without permission.
I’ve also been chased by real copyright lawyers who are ruthless and unbelievably greedy. I know this stuff is legit.
The email was threatening a fine of up to US$150,000 and legal action against me. Fake or not, they had my attention.
But how could I know for sure that this was real?
I began to dig…
Exposing the Scam: Process to Uncover the Truth
Although the process to exposing a scam is different for ever situation, there were three steps as I went to uncover the truth.
Step 1: Carefully Verify the Domain
The first thing I wanted to do was check out this law firm. Any good law firm will have a website, and this scammer had set up their own.
Instead, I went to Google’s Safe Browsing page and typed in the law firm’s URL. At the time, it was listed as safe, but as you can see now, it’s been marked as unsafe.
If the report had shown “unsafe”, I wouldn’t have accessed the website and I would have immediately known that it was a scam.
However, at the time, it was listed as “safe” for browsing.
The website looked ok – not the most professional I’d seen, but not bad either.
So next I checked the “WhoIs” for the URL to see who owned it. You can do a WhoIs check on GoDaddy.
Usually, this kind of search doesn’t yield much since it’s possible to hide behind simple privacy walls.
What I did see, however, were the nameservers for the website.
A US law firm that hosts their website on “IPChina163.com”? That doesn’t seem right at all.
So far, this law firm website was throwing up a number of red flags.
But what about this copyright claim?
Step 2: Verify the Scam Email Claim
The next steps was to determine if there was any merit to the claim that I had stolen an image without permission.
So I replied to Jillian and asked her which image she was referring to.
She quickly replied back with the URL to one of my blog posts with an obvious stock image of a traffic jam.
Thankfully, I now use Adobe Stock to find images like this and I looked to see if I had licensed this image.
Sure enough, I had:
See that “Licensed” check on the bottom right? Yea, that means I was in the clear.
So far, everything pointed to the fact that this email was a scam, but I wanted to double check before I started interacting with the scammer.
Step 3: Checking All the Details for Inconsistencies
On the law firm website, there was both a phone number and address listed. I could have called the phone number, but I didn’t have to.
Because the address was an easy lookup.
And what I found at the address was pretty much the last bit of confirmation that I needed:
This is pretty much the weirdest location for a law firm you can imagine.
I mean, how hard would it be to just change the address to a simple office building anywhere in the world?
It was the last straw for me. I knew it was a scam.
Now, I just needed to find out what they wanted.
The End Result: How the Scam Ends
Now that I knew the law firm was a hoax and the claims were bogus, I was ready to interact with the scammer.
“What are you wanting?” I asked, expecting money or bank information.
Their answer surprised me.
“We want a link to this website: ____________“
This whole thing was a link building attempt! And a very “black hat technique“, if I do say so myself.
After a little bit of back and forth, I finally told them that I was privy to the scam and that I would be reaching out to every website that had linked to them and tell them they had been hoodwinked.
They never responded to me again.
The website was taken down and the email address was deleted.
Final Thoughts | Email Scams
There are a couple things you can learn from this email scam that I think are important:
- Just because a website exists does not mean that the company is legit. Creating a website is extremely easy.
- Not every scam is looking for your money or social security number.
- Scammers will only interact with you for as long as they think they have you on the hook;
Unfortunately, there’s nothing that I can do to report this scam or get the person running it in trouble.
This whole scheme will be reborn as a new website, with a new email address and a new alias.
But hopefully – you’ll be wise to these dumb tricks and it won’t be effective anymore!