Scammers are always looking for a way to rip off cash from someone else.
China, our wonderful trading partner that brings us lots of smart, hard-working people also brings us smart hard-working scammers and hackers. Not to mention stealing our intellectual property and massive human rights violations.
The most recent scam I’ve seen is aimed at business people who use Google AdWords.
Over the past two weeks, I received spam that says my Google AdWords Billing information needs to be updated. I didn’t believe that for a second and when I cursored over the link, what showed as https://adwords.google.com in the message was shown as http://adwords.google.com.ork0r.cn/select/Login/ in the status bar.
As you see, that looks like a google URL, until you notice the rest of the domain part up to the slash.
If I wasn’t a veteran of the web since the early 1990s, maybe they could have fooled me. This often fools people who are newer to the web, but it needn’t be that way. Many people don’t understand URLs and several things can cause a problem for you.
The first thing that can get you into trouble is not paying attention. If you don’t pay attention, even a smart person can be tricked into giving up their login and password.
You must always realise that anyone can pretend to be a trusted email sender, creating a message that looks legitimate, from someone you know and trust, but is really a trojan horse silently waiting for you to let your guard down. Email is not a secure system.
Without going into too much detail here, there are two main things to do next. First, determine if the message seems reasonable to you.
There are a few things the scammers still can’t do. They don’t know you or how Google refers to you. The same thing goes for PayPal and Bank scams too. Goggle, PayPal and your Bank call you by name. They will never address you “Dear Google AdWords Customer!” “Dear PayPal Member” or “Dear Customer.” That is the way most of the scam messages look.
If you see that, you should delete the message, end of story. Most times, that will be enough. If your email address contains your name, the scammers could use that information to personalize the message and you could still be vulnerable if you don’t do more checks.
The next thing to look for is the domain name shown in the message. If the message is in plain text format, you will see the URL and you can determine if it is real or not – as long as you understand the construction of URLs. If the message is in HTML format, the scammers have more tricks up their sleeves. They can make the link text on the page say one thing, and send your browser somewhere else when you click the link.
To check that, put your cursor over the link and look down in the email program’s status bar. If you see something other than what you saw printed on the page, you should be suspicious and you need to check the domain name part of the URL. If the rightmost end of the domain name isn’t what you expected, the message is a scam and you should delete it.
Be careful, the scammers will keep sending their garbage to you, changing their approach constantly, just waiting for that one time you lower your guard. Don’t let it happen to you, it can really mess up your business.
Today’s google scam subject line is “Our programme terms have changed.” Look for variations on that theme.
Another day, another headline “Please submit your payment information.” This time, the senders aren’t so smart. They messed up the URL: http://adwords.google.gelisbankcn/select/Login – so this time, we’re safe, the URL doesn’t work.