“You’re kindly fired, scammer.”

Prevalent on the Internet, phishing emails have more or less visited your inbox or confronted with you face to face. Which group of people is the most susceptible to phishing scams? The answer is, those who have never met a phishing email before.

When you are adept enough at recognizing phishing scams, you will be able to swindle the swindlers, just like in the Reddit post #Just tell scammers they’re fired.

What’s the scam here?

The bait in a job scam is usually a well-paid and undemanding job, for example, $100 per hour working from home. Merely replying “Laura” with your CV may not be a big deal (be confident, you will always get the job they offer), but the scam unveils itself as follows…

#Version 1

You are a great fit! You are more than welcome to join our company. To proceed on new employee on-boarding, I will need your social security number (SSN) to run a credit check. The leaked SSN and name enable the scammers to do almost everything a legitimate SSN holder can do.

By assuming a real person’s name and SSN, a thief can steal property and money from that person. If an identity-theft victim’s name and SSN are used by criminals, it’s the victim whom the police will be looking for.

#Version 2

You are made for this job! Since you’re going to work from home, you’ll receive a check to purchase office equipment, including a laptop and a printer etc., with a total value of $5000.

Scammers would probably either have you spend the money with their vendor for supplies – you’re sending them your real money and their check will eventually bounce and you’ll get no office supplies.

Or they would have you wire back the money you didn’t spend or wire money somewhere else to someone for something. Again, it’s your money and their check will bounce eventually. (via artemislt)

What does “kindly” mean?

Discussions in the post hilariously gave several examples of abusing the word “kindly” in phishing emails, so much so that some said, “it is the number one way to detect scammers.

According to 5x5Lab, “kindly” is a nice but unnecessary word in American conversation, but it tends to be used in these overseas phishing schemes. It just might give you that mental jolt to avoid pursuing that offer or deal that will likely be a disappointing experience.

Apart from the urgent tone, threatening tone and financially luring tone, watch out for the strangely courteous tone.

So, phishing emails are easy to spot, right?

Not exactly. With an almost stupid example of the wording of phishing email, you may think it easy-peasy to tell a phishing email from a legitimate once.

However, the incautious behavior of phishing email serves as a sifter of the smart fishes. Those who are mentally vulnerable are more susceptible to social engineering and are more likely to fall for the subsequent traps, thus are idea prey for scammers. (via @ artemislt)

Well, I would say, if hackers hold such a belief, they have already lagged behind. The most dangerous hackers focus themselves on well-investigated targets through social engineering and don’t mind to cast an extreme long line and wait for a long time to get you baited.

Instead of constantly concerning about potential risks with email, a strong and handy 7/24 tool is much more recommended. The tool mentioned here is Mr. Post, an add-in that incorporates cutting-edge tech and domain knowledge of senior security experts. It will help you decide the legitimacy of an email with what you can see and cannot see.

Fire the scammers and hire Mr. Post. Try it out on Microsoft AppSource.

GET PROTECTED NOW

2019-06-03T10:25:10+08:00May 28th, 2019|Insight|