how to recognise-a-phishing-email

What is a scam? Have you ever received a phishing email? Would you be able to recognise a phishing email?

I work with the internet and its dark side every day, but there are some nasty things I still struggle with and, today, I want to share with you a personal matter that has happened to me regarding phishing.

ONCE UPON A TIME

A week ago I was contacted by a Chinese network service company, Chinanetregistry.com, the domain name registration center in China. The service manager that contacted me, Mr. Jim, asked me if I knew or had some partnership relations with a company called Huayi Ltd because they wanted to register “zenzerographic” as their internet keyword, and buying some domains names such as zenzerographic.com.cn (Chinese extension) zenzerographic.net.cn, zenzerographic.org.cn and others very similar. He said that, after checking, they found that the keyword and the names this company was trying to buy, conflicted with my company name so decided to contact me.

“How kind” I thought. I replied to Mr. Jim that I had nothing to do with that company, and I thanked him for warning me.

WE WANT YOU TO KNOW WE ARE REAL

Two days after, another email. This time was the Huavy Ltd, the company that wanted to buy the keyword and those domains, using a temporary email box, vip.163.com (apparently thanks to this service, you can send an email anonymously using that extension): the Huavy Ltd warned me that, despite Mr Jim advice not to buy that keyword and those names, they would persist in this intention.

LET’S GO TO THE POINT

I trashed the email, and two days after, Mr Jim contacted me again. He said that probably that company does a similar business as me, and they couldn’t do anything because it’s a free market and any company or individuals have the rights to register any domain name or internet keyword that are unregistered. And at the end of the email, he advised me to buy that keyword and the domain names (com.cn/ org.cn/ net.cn and so on) before they did, just because they wanted to avoid any conflicts, and I was the owner of the original name, so I would have had the priority in this matter. I never thought, even for a second, that it was a phishing scam email.

how-to-recognise-a-phishing-email-01I WASN’T BORN YESTERDAY

After asking Mr. Jim to send me over the form to fill in and buy that keyword, I contacted my Hosting service provider and I bought all the main extensions I could: co.uk/ .net/ .org/ .it/ just to be sure that nobody else would buy them; than I told them what was going on and asked them the procedure for buying a keyword. The answer surprised me.

DOUBLE CHECK

If two people who don’t know each other and are experts in their fields say the same thing then it must be true. After contacting my hosting service provider, I phoned a SEO expert friend of mine, and she confirmed what my hosting service provider told me: it’s not possible to buy keywords. You can use them for your business, you can buy Adsense campaigns from Google but it’s not possible to buy a keyword. Bingo!

You can only imagine my feelings, my satisfaction, my pride when I wrote back to Mr. Jim, telling him that I’d understood his game and I had exposed him. Even though I was tempted to send him my scanned middle finger, I decided to be polite but firm. He’s never replied me back.

How to recognise phishing scam emails? In case of phishing emails, my only advice is, when in doubt, check everything you can, such as the email address of the sender, or ask advice to someone that have a better knowledge about it. And you? Have you had a similar experience? Would you care to share?