E-Mail scam started at the Polish LOT [scam not directed at translators, but still worth noting] Thread poster: apk12
|
|---|
apk12 
Germany
Local time: 21:49
English to German
+ ...
I think, it might be time to post this story, just in case some of you out there migh experience some business slow-down and react to strange offers coming from another "business".
You would not expect serious fraud and forgery cases starting with a normal flight line, in this case the Polish "LOT", would you? But this is actually what happened.
Background: I am a person actually taking seriously, almost in a paranoic way, care for my private details, meaning. among a... See more I think, it might be time to post this story, just in case some of you out there migh experience some business slow-down and react to strange offers coming from another "business".
You would not expect serious fraud and forgery cases starting with a normal flight line, in this case the Polish "LOT", would you? But this is actually what happened.
Background: I am a person actually taking seriously, almost in a paranoic way, care for my private details, meaning. among a number of other things, also that I am not giving my direct business email box away before having reassured myself of the sender and before several pre-negotiation steps giving me enough hints that giving my mail address is ok in this case.
Now with family issues, this is a bit complicated. For example, I know the weaknesses of my own father, so he too did not get my direct business email address for years. I have a private email box for private conversations.
Logically, there are times when you do not have the needed spare time [or are sometimes indeed just not in the mood for private talk in a busy moment] - so, there are times when I indeed do not check my private box daily or so.
So, at the end, my father protested loudly. "It cannot be that a father can not reach his own daughter for days... what the heck...!" (Background of this: in opposite to my business email, my private email box is, for good reasons, not linked with my email application. So while mails from clients arrive at my desk in real time, for the private mail I take some spare time extra, go to a page somewhere, log in there and check the mails there manually in order to take a look what's going on in my family, friends and further private topics area. Which, admittedly, does not always happen daily.) --- After careful talks, explaining him that this is a direct business address and that he is expected to keep it safe, he finally got the email address.
What did he do?
He sold it, the very first moment he had a chance for that.
When my parents planned a flight, they saw a field saying that they would get "discounts" on their flight if they enter an email address of one of their friends/relatives.
Without consulting me, without asking me whether I allow that, he just simply typed it in.
- end part 1 -
part 2:
A beautiful day and my mail application makes its typical "pling". I check it and find, quite surprised, the first spam email for years in there. [I think, even the very first spam at all in this box aside of the ads of the mail provider, but they are a smaller issue.]
Usually, my only thought would be: "alright, time to move again" and prepare for a new, clean email box. [And for checking how this spammer got my email, since it was the first one, at this point, I had no idea what happened.] However, what deeply struck me was the technical trick inside: the Polish "LOT" sending a spam email that actually looks like sent by you, yourself: my own email address was visible as the "sender".
Now at this time it gets serious, because this is actually posing as "me", this is electronical forgery. Not to mention my second shock - if they are able to do that technically - how high is the risk that others get such an email, written as an email by "me"? And the very next shock: gosh... imagine a mail like that landing on the desk of one of my clients....
I called my father just in order to inform them [it was after all, a Polish "LOT" spam with this technical trick and I knew my parents are flying every now and then and just wanted to warn them about this email]. It was exactly during this talk when I heard from my own dad "oh, never mind, I typed it in, for a discount..."
- end part 2 -
part 3:
Not long after the first spam with this technical trick, a next spam arrives, with dubious job offers, obviously aiming at managers who lost their jobs.
I replied to the company saying that I will file a report about this forgery.
Did it stop them? No way, why should it, the very next day, a 3rd spam arrives, again from this dubious company working with the same technical trick as the Polish "LOT" who my beloved dad sold my own mail address to. This time, it was enough. I answered more direct, now addressing it to some additional personnel of the company plus one of their clients.
Now this here is the answer to my 2nd reply:
Dear Ms [my name],
Thank you for the information about spam mails from xxx.
This is a fraudulent use of an email address which is similar to ours (xxx@ yyz.com versus xxx@ yyy.com) Unfortunately these criminals are using a link to our website to pretend they are us.
This is cyber crime and there is nothing we can do about it, as the holder of these addresses are well hidden on remote places. But we informed the authorities and added a warning to our homepage (pop up message).
We NEVER ask for personal information in an email! And we NEVER offer non-serious jobs! Please do NOT REPLY to any of these emails and do NOT send personal information.
We did not send any of these mails since we do not hold your contact data.
Nevertheless, we apologize for any inconvenience this abuse of our name and reputation is causing you.
Best regards
[her name and full contact details]
----
So, if any of you is flying occasionally and happen to stumble over a Polish flight line:
1) do -not- enter any addresses for "discounts", please, and if you do, don't to that without asking your brother/sister/friend whether they agree to that and if you then do, be aware this might be directly connected to criminal activities
2) if you belong to translators who occasionally switch the sides - do not reply to dubious job post in emails, being sent out currenty, promising you "interesting" hourly rates - you are not an umemployed or freelancing "manager", you are a translator :-]
[Edited at 2012-12-04 12:35 GMT] ▲ Collapse
| | | | | I don't bother so much about my privacy | Dec 4, 2012 |
I would gladly advise e-mail address in case I get the discount
| | | | apk12
Germany
Local time: 21:49
English to German
+ ...
TOPIC STARTER | Your or your daughter's, mother's, colleague's? | Dec 4, 2012 |
Paweł Hamerski wrote:
I would gladly advise e-mail address in case I get the discount
Your own email or that of a relative or colleague without asking them, Paweł?
And have you noted the text in bold above, the reply from the company being currently the targeted victim of ciber crime, just aside of the the other points of this criminal activity mentioned above?
[Edited at 2012-12-04 21:25 GMT]
| | | | | I would never reply to a scam | Dec 5, 2012 |
Hi apk12,
I would suggest never replying to a spam because the only consequence will be for the spammers to confirm that it is a real and active address and, then they will move it to a more valuable database. Besides, you don't really know who they are.
Once your address gets into the hands of spammers you may either ignore them or get a new address.
Regards,
Enrique
| | |
|
|
|
apk12
Germany
Local time: 21:49
English to German
+ ...
TOPIC STARTER | Sure - usually | Dec 5, 2012 |
Enrique Cavalitto wrote:
Hi apk12,
I would suggest never replying to a spam because the only consequence will be for the spammers to confirm that it is a real and active address and, then they will move it to a more valuable database. Besides, you don't really know who they are.
Once your address gets into the hands of spammers you may either ignore them or get a new address.
Regards,
Enrique
Sure, usually. However: a) I have taken care for this mail box for so long and saw that if this is already in a databank somewhere with mail box addresses to deal with [mail addresses for sale], then it's anyway too late, I have to move again, electronically.
b) this case was a bit special, since the way how I got there [by this LOT "discount" field] was clear, became clear after my talk with the person who entered it there. c) the "job" offer mails: they, the two arriving shortly after the LOT mail with the same technical trick ("me" being the "sender") - these were linking to a company that I did not know much of aside of the web page, but from what I have seen they had at least the necessary contact details to protest about that - note that in the moment of the reply I have not seen that linking to this web page of said company was a fraud, so I assumed this mail is from an existing company using very questionable ways to get targets [buying mail address databanks from LOT, for example] and offering extremely dubious "job" posts. In that moment, for me this was still "just" an enormously annoying spam case with technical forgery. Reason to protest about that definitely. So - in this case, I had to answer. Only later it became clear this is a larger case of scamming.
LOT sold them, but the people who bought them, were criminals. Fabrication of those mail boxes similar to those of the existing company and the link to the web page of the existing company was a fake.
But in general - sure. The last mail box that landed in such a databank and was then given up, turned to a dead mail box. I deconnected it from my mail application and changed the settings online to delete all and everything automatically once daily or so, so they do not take much server space of the provider. And so also, of course, no replies to spam mails possible anyway then. You then can set a forwarder to the new mail box, applicable for relevant chosen addresses only and that's quite it. And now the next one...
[Edited at 2012-12-05 13:15 GMT]
| | | | | I still don't bother | Dec 5, 2012 |
apk12 wrote: Paweł Hamerski wrote:
I would gladly advise e-mail address in case I get the discount Your own email or that of a relative or colleague without asking them, Paweł? And have you noted the text in bold above, the reply from the company being currently the targeted victim of ciber crime, just aside of the the other points of this criminal activity mentioned above? [Edited at 2012-12-04 21:25 GMT]
Mine and my family's, even without asking first, if the address is genuine. I have no use of fake addresses.
Bold text confirms uselessness of careless correspondence.
[Edited at 2012-12-05 16:55 GMT]
| | | | apk12
Germany
Local time: 21:49
English to German
+ ...
TOPIC STARTER | Why bother... | Dec 7, 2012 |
Paweł Hamerski wrote:
Mine and my family's, even without asking first, if the address is genuine.
Right, why bother about your family ending up as scam targets.
Bold text confirms uselessness of careless correspondence.
Bold text confirms how quick an address in a databank for sale ends up in the hands of cyber criminals - including those of your family, but as you mentioned: why bother.
What about the other part of the question - the email addresses of, say, other translators?
| | | | | I still don't bother too much about my privacy | Dec 7, 2012 |
Regretfully I don't know the addresses of other translators. Maybe translation offices will do?
| | |
|
|
|
apk12
Germany
Local time: 21:49
English to German
+ ...
TOPIC STARTER
Not sure how to reply to this. Not bothering about privacy sounds a bit like the "privacy is outdated" statement - I prefer to be outdated, then. See, I personally for example am a translator who is not that much fond of switching the sides [from actual translation to the management of it], so if asked by a client regarding an other language pair or other pair direction, I prefer to give the contact to somebody I can recommend than outsourcing the order. Since this implies emailing the translato... See more Not sure how to reply to this. Not bothering about privacy sounds a bit like the "privacy is outdated" statement - I prefer to be outdated, then. See, I personally for example am a translator who is not that much fond of switching the sides [from actual translation to the management of it], so if asked by a client regarding an other language pair or other pair direction, I prefer to give the contact to somebody I can recommend than outsourcing the order. Since this implies emailing the translator first and asking whether he/she is ok with that (let's say, describing the situation shortly and checking whether s/he is alright with giving the email to the client), this automatically means the translator would have my mail address in his/her inbox, isn't it?
I -might- be the only one who would prefer this to happen with translators who give reasons to assume they don't jump to the next best available page offering a discount for my mail address in order to be targeted by cyber criminals one day later. I -might- be the only one here. Problem is: I would not bet on that. ▲ Collapse
| | | | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » E-Mail scam started at the Polish LOT [scam not directed at translators, but still worth noting] | Trados Studio 2022 Freelance | The leading translation software used by over 270,000 translators.
Designed with your feedback in mind, Trados Studio 2022 delivers an unrivalled, powerful desktop
and cloud solution, empowering you to work in the most efficient and cost-effective way.
More info » |
| | Anycount & Translation Office 3000 | Translation Office 3000
Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
Translation news
