How do you know if an email is real or just a scam? If you’ve ever wondered this before, join me as I expose an email scammer and walk you through the process I used to uncover the truth behind the lies.
Like many people, I receive a daily barrage of spam and scam emails practically every day.
It used to be that the emails were easy to spot: the typical Nigerian prince or “you’ve won the lottery!” type stuff.
But email scammers are getting much more sophisticated, as this most recent example shows. And interestingly, they’re not always looking to scam you out of money or your personal information.
In this article, I’m going to walk you through the process of exposing this email scam and show you what I did that made them take down their website and delete the email address!
- Anatomy of the Scam: This is what they did
- Process of Uncovering the Truth: This is how I responded
- The End Result
I hope you enjoy and learn from my experience!
Anatomy of an Email Scam: The Copyright Lawyer
A few weeks ago, I received an email from a woman named Jillian who claimed to be a copyright lawyer. It was written in proper English, with good grammar, and was delivered through my website contact form.
It has come to the attention of our client that this website, which you own, used his images without approval and without any proper credit to the copyright owner.
Now I’ve been blogging for more than a decade now and in the past I’ve inadvertently used images without permission.
I’ve also been chased by real copyright lawyers who are ruthless and extremely mean. I know this stuff is legit.
The email was threatening a fine of up to US$150,000 and legal action against me. Scam or not, they had my attention.
But how could I know for sure that this was real?
I began to dig…
Exposing the Scam: Process to Uncover the Truth
If you’d like, you can watch the entire process of how I exposed this scam on the YouTube video below:
Be sure to subscribe to the All Things Secured YouTube channel!
Although the process to exposing a scam is different for ever situation, there were three steps as I went to uncover the truth.
Step 1: Carefully Verify the Domain
The first thing I wanted to do was check out this law firm. Any good law firm will have a website, and this scammer had set up their own.
IMPORTANT: I didn’t immediately click any links in the email (I used the S.T.O.P. method to prevent email phishing) nor did I immediately access their website.
Instead, I went to Google’s Safe Browsing page and typed in the law firm’s URL. At the time, it was listed as safe, but as you can see now, it’s been marked as a scam.
If the report had shown “unsafe”, I wouldn’t have accessed the website and I would have immediately known that it was a scam.
However, at the time, it was listed as “safe” for browsing.
The website looked ok – not the most professional I’d seen, but not bad either.
So next I checked the “WhoIs” for the URL to see who owned it. You can do a WhoIs check on GoDaddy.
Usually, this kind of search doesn’t yield much since it’s possible to hide behind simple privacy walls.
What I did see, however, were the nameservers for the website.
A US law firm that hosts their website on “IPChina163.com”? That doesn’t seem right at all.
So far, this law firm website was throwing up a number of red flags.
But what about this copyright claim?
Step 2: Verify the Scam Email Claim
The next steps was to determine if there was any merit to the claim that I had stolen an image without permission.
So I replied to Jillian and asked her which image she was referring to.
She quickly replied back with the URL to one of my blog posts with an obvious stock image of a traffic jam.
Thankfully, I now use Adobe Stock to find images like this and I looked to see if I had licensed this image.
Sure enough, I had:
See that “Licensed” check on the bottom right? Yea, that means I was in the clear.
So far, everything pointed to the fact that this email was a scam, but I wanted to double check before I started interacting with the scammer.
Step 3: Checking All the Details for Inconsistencies
On the law firm website, there was both a phone number and address listed. I could have called the phone number, but I didn’t have to.
Because the address was an easy lookup.
And what I found at the address was pretty much the last bit of confirmation that I needed:
This is pretty much the weirdest location for a law firm you can imagine.
I mean, how hard would it be to just change the address to a simple office building?
It was the last straw for me. I knew it was a scam.
Now, I just needed to find out what they wanted.
The End Result: How the Scam Ends
Now that I knew the law firm was a hoax and the claims were bogus, I was ready to interact with the scammer.
“What are you wanting?” I asked, expecting money or bank information.
Their answer surprised me.
“We want a link to this website: ____________“
This whole scam was a link building technique! And a very “black hat” one, if I do say so.
After a little bit of back and forth, I finally told them that I was privy to the scam and that I would be reaching out to every website that had linked to them and tell them it was a scam.
They never responded to me again.
The website was taken down and the email address was deleted.
Final Thoughts | Email Scams
There are a couple things you can learn from this email scam that I think are important:
- Just because a website exists does not mean that the company is legit. Creating a website is extremely easy.
- Not every scam is looking for your money or social security number.
- Scammers will only interact with you for as long as they think they have you on the hook;
Unfortunately, there’s nothing that I can do to report this scam or get the scammer in trouble.
The scam will be reborn as a new website, with a new email address and a new alias.
But hopefully – you’ll be wise to these dumb tricks and it won’t be effective anymore!