As someone who has spent a long time helping clients protect their WordPress websites against scum-of-the-earth hackers, something happened this week that reminded me of the need to remain vigilant against phishing emails.
I received an email that looked a little suspicious and got some experts concerned.
Here are some lessons in online safety.
An offer too good to refuse?
Last week, I received an email from Kyle Z (I’m using a fictitious name to protect the privacy of the person concerned, in case they are real), purporting to be a Facebook representative and inviting me to be part of a Start To Success program.
According to the Facebook website, this program offers you a $50 coupon if you agree to spend at least $50 a day for 28 days in Facebook advertising; that is $1,400 in total.
Apart from being an underwhelming offer, there were some issues with the email that raised my suspicions, namely:
- Our Google email filter dutifully informed me that while Kyle wanted me to see his email address as email@example.com, the domain that actually sent the message was j49vgcxxxxgc6cdq.5tjka.a-k9kfmas.na7.bnc.salesforce.com (I have disguised the domain with four Xs to protect identities).
- Secondly, the Facebook logo in his email signature looked odd, and the text of the signature area was in the 'reply blue' colour, as if it had been copied and pasted from somewhere else.
- Finally, to make matters even more suspicious, the email address field in his signature said "firstname.lastname@example.org?????????"
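The first of those three warning signs, a From: address on one domain while the message was actually handed over and authenticated by another, is something you can check yourself from the raw headers rather than relying on your webmail's "via" label. The script below is an added example, not code from the post or from Facebook or Salesforce: it parses a raw message, pulls the domain out of From:, Return-Path:, Sender: and the SPF/DKIM identities in Authentication-Results:, and reports every one that is not the From: domain or a subdomain of it. The two messages are constructed for the example (the addresses are placeholders, the bounce domain is the disguised one quoted above), the function and field names are my own, and the "same organisation" test is a plain suffix match, not a public-suffix-list lookup.

```python
"""Sender-alignment check: does the address shown in From: belong to the
domain that actually delivered and authenticated the message?"""
import re
from email import message_from_bytes, policy
from email.utils import parseaddr

# Constructed sample messages (not real mail). SUSPECT_MSG is modelled on the
# case in the post: From: on one domain, delivered and authenticated via a
# Salesforce bounce domain. ALIGNED_MSG is a control whose bounce address sits
# on a subdomain of the From: domain, which is how a well-run sender looks.
SUSPECT_MSG = b"""Return-Path: <bounce-123@j49vgcxxxxgc6cdq.5tjka.a-k9kfmas.na7.bnc.salesforce.com>
Received: from mx.salesforce.invalid (mx.salesforce.invalid [198.51.100.7])
\tby mail.example.org with ESMTP; Mon, 1 Jan 2018 10:00:00 +0000
Authentication-Results: mail.example.org; spf=pass smtp.mailfrom=bounce-123@j49vgcxxxxgc6cdq.5tjka.a-k9kfmas.na7.bnc.salesforce.com; dkim=pass header.d=bnc.salesforce.com
From: "Kyle Z" <email@example.com>
Sender: bounce-123@j49vgcxxxxgc6cdq.5tjka.a-k9kfmas.na7.bnc.salesforce.com
To: admin@example.org
Subject: Start To Success program

Hello, I am a Facebook representative...
"""

ALIGNED_MSG = b"""Return-Path: <bounces@mail.example.com>
Authentication-Results: mail.example.org; spf=pass smtp.mailfrom=bounces@mail.example.com; dkim=pass header.d=example.com
From: "Kyle Z" <kyle@example.com>
To: admin@example.org
Subject: Hello

Control message whose envelope and From: domains agree.
"""

# Identities the receiving server records in Authentication-Results.
AUTH_FIELD = re.compile(r"(smtp\.mailfrom|header\.d)=([^\s;]+)")


def _domain(value):
    """Lowercase domain of an address (or bare domain) header value, or None."""
    if not value:
        return None
    _, addr = parseaddr(value)
    addr = addr or value.strip()
    return addr.rsplit("@", 1)[-1].lower() or None


def _same_org(a, b):
    """Crude organisational match: equal, or one is a subdomain of the other.
    Assumption: no public-suffix handling (example.co.uk-style TLDs are not
    special-cased), which is fine for spotting an unrelated bounce domain."""
    if not a or not b:
        return False
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def check_sender_alignment(raw):
    """Parse a raw RFC 5322 message and compare the From: domain with the
    envelope and authentication domains. Returns the domains found, an
    'aligned' flag and a list of human-readable findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    from_domain = _domain(str(msg.get("From", "")))
    auth = {k: _domain(v) for k, v in
            AUTH_FIELD.findall(str(msg.get("Authentication-Results", "")))}
    domains = {
        "return_path": _domain(str(msg.get("Return-Path", ""))),
        "sender": _domain(str(msg.get("Sender", ""))),
        "spf": auth.get("smtp.mailfrom"),
        "dkim": auth.get("header.d"),
    }
    findings = [
        f"{label} domain {dom} is unrelated to From: domain {from_domain}"
        for label, dom in domains.items()
        if dom and not _same_org(from_domain, dom)
    ]
    aligned = not findings
    if not aligned:
        via = domains["return_path"] or domains["spf"] or domains["dkim"]
        findings.append(f"expect a 'via {via}' indicator in Gmail-style clients")
    return {"from_domain": from_domain, **domains,
            "aligned": aligned, "findings": findings}


if __name__ == "__main__":
    for name, raw in (("suspect", SUSPECT_MSG), ("aligned", ALIGNED_MSG)):
        result = check_sender_alignment(raw)
        print(f"{name}: aligned={result['aligned']}")
        for line in result["findings"]:
            print("  -", line)
```

Two caveats when you run this on real mail: Return-Path: and Authentication-Results: are added by the receiving server, so only trust the copies your own mail server wrote (a sender can include forged ones further down), and a mismatch is a prompt to look closer, not proof of phishing; plenty of legitimate bulk senders, Salesforce included, use their own bounce domains, which is exactly why the post could not settle the question from the headers alone.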
Putting a voice to the name
I am forming the opinion that Kyle is real, even though the system Facebook is using needs a major overhaul.
Firstly, Kyle approached me as an admin of a client's page. There is no public means of knowing that I am an admin of a particular Facebook Page, so this suggests he has behind-the-scenes access.
Secondly, he has called me a few times to follow up the email. Again, this double whammy of email AND phone-call follow-up is rare among spammers (not rare among aggressive telemarketing-style companies, especially those that say they are from Google when in fact they are just fly-by-night Google AdWords resellers).
Thirdly, I looked him up on LinkedIn and, to be sure (that is a cheeky, Irish reference to Facebook’s tax haven in Ireland), Kyle Z has his role listed as a Lead Generation Representative at Facebook, Auckland, New Zealand. Very few spammers go to this level of detail.
The simple way to stay safe
Apart from simply ignoring any unsolicited sales enquiries, there are some steps you can take to test whether emails are genuine.
A quick Google on 'Facebook phishing email test' took me to the Facebook Phishing Page, where they say you can forward suspicious emails to email@example.com for them to check out and let you know.
Interestingly, I have heard nothing back from them in a week.
Given that salesforce.com was the issuing domain, I did a similar search and found that firstname.lastname@example.org was the address to send suspect emails to.
Lo and behold, SalesForce got back to me within 36 hours with this:
This looks like targeted spam. We see messages like this all the time from marketers who think it is a good idea to make blind sales pitches via email. This particular email is interesting because of the uncertain origins. I would strongly advise just deleting it.
Thanks for letting us know!
So I will engage with Kyle when he calls, despite the fact that this company with rivers of gold has such poor, doubt-inducing systems for lead generation.
I hope this will prompt you to review your email and sales lead systems to make sure you are not damaging your reputation before you begin by allowing sloppy and confusing errors to poison your well.