How did RadiateWP handle a Phishing Email?
As a website maintenance and support service, RadiateWP receives many different questions from our clients, including issues with phishing emails. A couple of weeks ago, a client forwarded an email to us that came in through an online form on her website. This email was from a “certified photographer”, claiming that our client had used one of her images illegally and threatened to sue. Admittedly, this is something that happens and is an issue that you should take seriously. It just so happens that we had recently redesigned this site. Our team had purchased all of the images on a stock photography website. We were able to provide receipts and proof of ownership for each image. So how did we determine that this was indeed a spam message?
We used the following analysis points
Verified author name and business
The first place that you start to determine if you may be dealing with a phishing email is to determine the legitimacy of the author and the business. If this person were indeed a photographer, she would have a presence on the internet. The email did not mention a website URL for her photography business. It only said her first name was Melynda. A Google search produced no results for a photographer by that name.
Examined the Email address
Looking at the type of email address can be helpful when investigating if you are dealing with a phishing email. Legitimate businesses will use a domain name email address. The email came from a Hotmail address, and it was a string of numbers following her name.
Carefully Reviewed the wording of the email
The wording, content, and text of the message is often one of your strongest clues that you may be dealing with a phishing email. It is important to read the email carefully. Are their words misused? Does the composition sound off? In this case, we had several clues. First of all, there is no such thing as a “certified photographer.” She used the phrase “saw my images at your web-site.” The hyphen and using the word “at” was strange. The author also said, “It’s Illegitimate to use stolen images, and it’s so wicked.” We can only guess they meant to say illegal rather than illegitimate. The use of the word “wicked” was also bizarre and sounded alarm bells. In the end, she throws in the lawsuit threat and says, “And if it is not enough, I am going to take it to court! And I will not bother myself to let you know of it in advance.” Again, the very structure of these two sentences makes this suspect.
Examined their Intent
Generally an email will have a purpose and they will have an action that you want to take. In this particular instance, she wanted the reader to click a link to a document that showed the images and proof of her copyright. If this was legitimate, why didn’t she provide specifics as to which page on the client’s site had the alleged stolen image?
And most importantly, DO NOT CLICK ANY LINKS
The most dangerous part of a phishing email is insecure links that may be included in the email or attachents. The URL that she wanted the reader to click started with sites.google.com/view/id1008900044/… You should never click any link or open an attachment unless you are sure of the identity and trustworthiness of the sender. In this specific instance, it is notable that the author wanted the reader to click a link as opposed to just state in the body of the email which image she claimed was stolen.
Many phishing email scams successfully coerce their target into taking action. Phishing is not only done through emails but also phone calls and even snail mail. While they may have different content, follow the five steps above as a guideline for determining legitimate from illegitimate messages. And as always, you can contact us at RadiateWP, and we can help.