Possible new #email #scam ?

I’m not a programmer so I’m just guessing that the two emails below are scams, but whatever they are, any change of pattern deserves caution.

So what are these changes of pattern?

I’ve noticed two, and they both involve the email address of the sender. Before I show you what I mean, it’s worth having a quick look at the standard parts or components of an email address. I’ll use my gmail address [this is my public email only] to illustrate:

meekasmind@gmail.com

The components are as follows:

  1. the username – i.e. meekasmind
  2. the @ symbol
  3. the mail server – i.e. gmail
  4. the top level doman or extension – i.e.  .com

The @ symbol never varies but the username could be just about anything, same with the mail server, however the top level doman is usually restricted to a few familiar extensions. These include:

  • .com
  • .org
  • .net
  • .info

I’m sure there are more, but those are the main ones, off the top of my head. Outside of the US, these extensions often include the country code – e.g. .com.au for Australia.

Now have a look at the screenshots of emails I received just this week:

security scam concert-tickets

This is the first one I received. Note the .stream extension. Now it is possible that new extensions were approved while I wasn’t looking, but when I searched for the ‘concert-tickets‘ mail server from which the email supposedly came, I found nothing. Zip, zero, nada.

The next day I received three more emails with the hypenated mail server name and the .stream extension. Hmm..a pattern emerging here.

Then today a variation on the theme:

security scam or hack 2

Instead of a .stream extension on the email address, we now have a .download. Assuming the .download and .stream extensions are legitimate, just exactly how many of these extensions are there?

Note something else as well. Under ‘Improve Your Vision’ [which is a link to another web location] there is vertical line. That line is not a truncated picture holder [given that Firefox blocked the images embedded in the body of the email*]. Nor is it an error. That line is another link.

Why is that line potentially significant?

Because even people who know to be wary of links in emails might click it just to find out what it is.

For me, another suspicious thing is the lack of ‘other’ information in any of these emails. Now it’s possible that the blocked images contain more information – i.e. text – but as a form of marketing, this doesn’t seem to be very smart. Which leads me to suspect that it’s not really marketing at all.

If anyone knows anything about these ‘new’ extensions – i.e. whether they are legitimate or not – please reply in comments. Until we know for sure, however, please treat these kinds of emails as potentially dangerous.

cheers

Meeks

*The reason Firefox blocks at least some images in emails is that certain images ‘can’ contain malicious code. I’m not sure how that works, and I’m not sure how often it happens, but I know it’s a possibility.

Advertisements

About acflory

I am the kind of person who always has to know why things are the way they are so my interests range from genetics and biology to politics and what makes people tick. For fun I play online mmorpgs, read, listen to a music, dance when I get the chance and landscape my rather large block. Work is writing. When a story I am working on is going well I'm on cloud nine. On bad days I go out and dig big holes... View all posts by acflory

8 responses to “Possible new #email #scam ?

Don't be shy!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: