Share Button

Phishing and spam – dangerous and inconvenient, to be sure. But sometimes I despair of the standard of emails that come through. So – dear spammers and crooks, here are a few pointers.

1) Don’t pretend to be informal if you can’t pull it off

For example, if you send me an email that says “How are the things”, which you have a lot, I’m hardly going to think that’s from a friend. “How’s things?” would be much better. “How are the things?” shows you are clueless on chatty English discourse. Either you mean “Where are the things?”, which sounds like the start of a domestic disagreement:

– Where are the things?
– What things?
– You know, the things for the doodah
– I have no idea what you’re on about
– Why are you always getting at me?
… and so on,

… 0r you are referring to my children as “the things”, a bit like Thing 1 and Thing 2 in Cat in the Hat. If so, that’s quite funny, and closer to the mark. But I’m still not falling for it.

2) Get personal

“Dear Bank Account Operator” really isn’t very convincing. Even “Dear customer” would be better. But better yet, use my name. “Dear Mr Minto” gets you through the first line of defence. But there are many to go…

3) Avoid block capitals

“YOUR WIRE TRANSFER FAILED” is something that a company would never write. Why would anyone fall for that?

4) Get off my domain

Sending email that looks like it has come from an address on my domain, such as accounts@minto.net, isn’t fooling me. I didn’t set it up. I would remember, you see. And then I wouldn’t email myself pretending to be from my own accounts department. That shit might work with a big corporation, but it’s not gonna fly here.

5) Social media is too obvious

Messages from LinkedIn, Facebook etc – sure, they look good, but I’ve never clicked on one. If I want to reply to a message on a social network, I’ll do it from inside the network. Safer that way.

6) Use better URLs

Even if I was tempted to click on some malware link by mistake, anything with “wp-upload” in the URL is a bit of a dead giveaway.

7) Get sophisticated

I’m rarely a customer of many of the banks or companies you pretend to be emailing from. So I’m hardly worried if I get an email from Citibank, say. Now, if I got a clever email from HSBC *, that would be a different thing.

8) Frequency = desperation

Send me one email about my “account”, and my interest might be momentarily aroused, however briefly. Send me 5 in quick succession? I’m not so worried. Show me a company that does that.

I’m sure there are more pointers I could give, but that’ll do it for now. Have a nice day, fraudsters.

* I’m not an HSBC customer either.