In these uncertain times, don’t you wish that you could wave your worries goodbye? The latest scam email is from a medium, who promises that the ‘Spiritual World’ has pointed its attention to you, and your worries will belong to the past forever.
This scam email provides us with the perfect opportunity to discuss social engineering, as well as how to spot the hallmarks of a phishing email.
What is social engineering?
Social engineering is the act of manipulating an individual’s emotions and natural tendencies, for the purpose of acquiring information and/or for financial gain. For example, a scammer may adopt the identity of an IT support engineer in order to convince you that your computer has been hacked, or a bank assistant in order to convince you that your account has been compromised.
From a psychological perspective, adopting the identity of someone in authority is incredibly powerful. We’re used to depending on people in authority to solve problems, particularly where the problem is something out of our immediate control (like a bank account) or something that we might not have a great deal of knowledge about (like the security of your computer). When we’ve been told that something has gone wrong, it’s comforting to know that someone is able to solve the problem for us.
Social engineering scams exploit the trust we have for people in positions of authority, as well as the fear we feel around something that is outside of our control, or that we feel uncertain about.
A message from the beyond
The email from Medium Amanda doesn’t neatly fit into this definition of social engineering; however, many of the tactics used are the same ones we’d find in a phishing email, or a fake IT support call.
The email from Medium Amanda has the subject line, ‘I have important news for you!’. Just like a phishing email, the intention is for you, the receiver, to open the email quickly and without thinking too much. Something has also gone slightly wrong in the header; we assume it is supposed to read, ‘Dear Transcendit’.
The second paragraph of Medium Amanda’s email is an interesting one, and shares a number of the hallmarks of romance fraud. There are a huge number of assessments of your character here, the majority of them complimentary, ‘you are a very special person’, and ‘you often worry - not just about yourself, but also about others’.
The intention of these statements is to ‘prove’ Medium Amanda’s legitimacy; how can she possibly know all of these details if she wasn’t in touch with great spiritual powers? Unfortunately, the statements are also intentionally wide reaching and could apply to the majority of people; many people have experienced worry that has kept them from sleeping.
In this section we’re trying to be convinced of the sender’s authority, as well as being complimented sufficiently that we don’t see through this weird scam and send the email to junk.
As you can see, the email is littered with links, which when hovered over look to take us to Medium Amanda’s website. The links themselves, just like links in phishing emails are designed to convince you to click - ‘all of your financial worries will belong to the past’, ‘click here in order to make your greatest wish come true’.
Unless your greatest wish is to lose an awful lot of time and money to a scammer on the internet, we’d remind you to never click a link in an email from an unknown sender. You can hover your cursor over the link to see where it’s planning on sending you.
Finally, there’s a deadline, ‘this unique offer is only valid for 3 days’. The deadlines in phishing emails are designed to encourage you to click first, think later - because the longer you spend looking at an email like this, the more likely you’re able to tell that it’s fraudulent. Phrases such as ‘don’t miss this opportunity!’ ‘React now’ and ‘I am sure that you really should accept this offer’ are all there to convince you to respond.
What’s so convincing about this scam?
Obviously, this scam email is pretty silly, and we’re imagining it gets less responses than an email from someone pretending to be TV Licensing. However, the email does play on emotions to a much greater extent than some of the phishing emails that we’ve seen.
Whoever or whatever is behind the Medium Amanda email, it plays on the vulnerability of its recipients. Those experiencing a great deal of stress, anxiety, financial trouble and even loneliness are uniquely vulnerable to these kinds of scams, which plays into the idea that there could be a quick fix or an easy solution.
Generally, phishing emails, fake phone calls and scams follow this pattern; playing on the vulnerability of individuals and exploiting them for personal gain. Remember to slow down, don’t click the links and think carefully - and if you’re unsure about the legitimacy of an email, get in touch with your friendly IT support team.