Spotting phishing and fake order spam in 5 seconds flat

We get these fairly regularly (1 per week), and occasionally our website maintenance clients forward one to us. Who knows how much time their salespeople waste following up on fake orders, only to decide at the end that the order is fraudulent. Or worse, they ship the order only to find that the payment fails.

Review the following message and I’ll tell you how you know its a BS phishing or fake order spam in 5 seconds flat!

from Carl Harrison
to
bcc submissions@3-prime.com
subject Urgent Order
Good Day,

Hello my name is Carl and with regards to your company, well I email to know if you do have ( Portable Garages ) in-stock for sell and if you do have the ( Portable Garages ) email me back with the types, sizes and the prices on them and also do you accept credit card as a method of payment ? Waiting for your respond back.

Thank You
Carl Harrison

  1. To Address: email isn’t sent to an appropriate person, strong signal it is spam and sent indiscriminately. In this case they BCC’d me, and I don’t even work there! If it makes no sense, don’t waste your valuable time on it!
  2. Subject: Unspecific but related to an “Order” or “Purchase”. The fact that it doesn’t say anything about the order, why its urgent or what their timeline is all signal that the order is fake or seeking to start a scam.
  3. Email Body: “With regards to your company” If they are ready to order, why wouldn’t they properly refer to your company?
  4. How you know in 5 second flat that this is a fake order is that the text in the email body is being filled in by a script. In this case they encapsulated the variable values in parantheses and also failed to make the keyword blend with the text. Furthermore, the request about the product states that basically any size might do, clearly not an urgent need for anything specific.
  5. The second way you know immediately that this is phishing related is they are offering upfront to use their credit card. Period. Real people don’t write emails like this.

If you want to look a little deeper, Google their email address: http://www.google.com/search?hl=&q=”carlh32@yahoo.com”

I choose this example as the best illustration to show that this scammer has been using the same lame script for a while now.