[COMPLETED] 🔍3rd Scam Spotting Challenge: Suspicious Email Edition🔍

Firmy
Firmy Posts: 1,905 Community Manager
edited November 22 in Announcements

We’re back with another Scam Spotting Challenge—this time focusing on Suspicious Emails 🚨 Scammers continue to get creative, and spotting a fraudulent email can make all the difference in staying secure online.

Challenge Details:

📅 Open Until: November 21st, 08:10 GMT
💬 How to Participate: Examine the attached suspicious email sample and share in the comments how you determined it was a scam attempt. Describe in your own words which specific clues tipped you off—it’s best to rely on your own knowledge rather than AI for an authentic response.

Rewards:

🎖️ Exclusive Badges will be awarded to all participants.
🏆 The participant with the most accurate answer will receive an exclusive prize from F-Secure.

Whether you’re a scam-spotting expert or just starting, this is a great chance to share and grow your skills with the community. Every submission helps others become more aware of email scams and how to spot them.

Ready to tackle the challenge? Comment below with your answer and join us in the fight against email scams!

Firmy
Community Manager | F-Secure Community
🔐 Strengthening digital security through knowledge and collaboration
🌐 Explore our User Guides | Knowledge Base for self-help resources
💻 Empower yourself with Cybersecurity Insights and protect what matters
📢 Help Shape Our New Homepage! Share your input in our design survey.

Comments

  • Candi1
    Candi1 Posts: 69 Active Engager

    For one, there is no name for the "HR Manager". For another, its addressed to "Applicant" & not my name. Its offering a generous salary with no experience for work at home, red flag for me. It wants you to click a link & pay a "registration fee", that probably takes you to a scam site to collect & steal your credit card information. To apply somewhere (especially in the US), a legit company doesn't charge you a fee to apply. There is no "in person" interview. It's signed by the "HR Manager" but no name, phone number or address, to look them up to check & make sure they are a legit company, with a legit physical location. It also wants you to open a pdf "offer letter" that you have no idea what it is or who its really from. Do Not click on any links in emails you don't know for sure who it's from. It's best not to even open an email unless you know for sure who it's from.

  • martink
    martink Posts: 445 Rising Star

    Just wondering if a hrmanager in a recruiting company is the one who does contract hiring as the email address indicates and the "signature" suggest the HRmanager of the main companuy.
    There is no contact details for either one except the email.
    I do not know what is remote work industry.
    Yes the salary is generous, too generous for any country for no experience.
    If the company hiring is not willing to pay the hiring costs I wonder if it will be willing to pay the salary. Sending this kind of email to thousands of "applicants" does not cost more than sending to one, however, should thousands of applicant respond an pay that would be easily earned money as there mustt be limit of theses positions if they were real.
    Agree with email not being addressed with a name sounds suspicious.

  • NVDA
    NVDA Posts: 5 Explorer

    When someone is offering you a suspiciously high salary/income/payoff for something but asks you to pay them first, you must stay alert. Ordinary firms do not behave like that.

  • Toweri
    Toweri Posts: 22 Enthusiast
    edited November 20

    The most obvious signs are already listed above (asking for money to apply, no real sender name, no any other contact details, a PDF attachment included, link to click [unfortunately the svg-image does not allow checking where that link actually points to], salary promise too good to be true…) so I concentrated to find out more about the companies "Swift Solutions Global" and "Globaljobs": The former returns nothing on Google search, the latter returns a bunch of similarly named companies, but no exact matches.
    It is hard to trust on a company that cannot be found via Google…

    While the domain "globaljobs.com" appears to be legitimate 'per se' (whois, DNS records, etc. searches) its owneship is hidden at GoDddy. Their web site is basically just a blank page - a sole "contact" link there points to 'moneyquestions.com', whose 'whois' data indicates the owner to be "Moniker Online Services LLC" - a completely different company again. Yet their MX-records point to "Newfold Digital, Inc." in Jacksonville, FL.
    This is all highly suspicious.

  • Ukko
    Ukko Posts: 3,768 Superuser

    Well..

    Usually, the appearance of headlines (or a 'message') that look like a lottery or a "forced" advertisement for something will, at best, indicate some hidden or additional (not so attractive) conditions and terms. Then some extraordinary offers and proposals, which for some unknown reason were offered directly to 'you' (when there are many others around), look incomprehensible and, at best, will put you in a confused state. This will simply arouse obvious suspicion (especially with grammatical errors starting almost from the title itself), which you will need to either dispel or confirm for yourself.

    This particular email...

    if you consider that I could certainly expect such a format and a "salary" in $, then this would cause me bewilderment for the following reasons:

    — the title of the letter is too "intrusive and spammy" (at least, its smell). And I don't think $3000 a week from home is a really... well.. objectively for mentioned "Dear Applicant".

    — then, the title says "Earn $3000 Peer Week from Home!", while I would expect it to be "3000 per week", at least.

    — additionally (I would do it anyway, but I don't know at what step) - I would google the domain. There globaljobs[.]com, the search results are mostly about globaljobs[.]org; which looks to me like an attempt to be similar to some well-known (locally) resource on the topic.

    — then, too much generic 'items' in the email. Such as: HR Manager (with its funny hrmanager@), Dear Applicant, Offer letter.pdf, Job Opportunity and so on names. And no any 'real' information around. No phones, no legal things.. just generic ones.

    —if I started studying the content of the letter (body, text, content), I would note the following things: even after the first paragraph, I would consider what kind of bogus I was reading... and again, questions about grammar, punctuation, and then again the same too much generic terms (including Swift Solutions Global, which is not really googleable for leading international company).

    — and when the mention of "fee" appeared, all interest disappeared completely. In addition to the sheer absurdity of the situation, we can say that they are asking for money without even telling you what you will have to do (and even just WHERE to find information about this, but they easily give you a link to pay the fee).

    — as a generic points: suspicious .pdf attachment (unmentioned in email); suspicious link; Both from 'unknown', 'unwanted' sender.

    All in all, it may be or look like something legitimate and real (or be partially so). But if you start to think about why or for what "they" do this and imagine the situation not only within "yourself" (as a receiver) then it will be more than obvious that at the very least this is an scam attempt (to take your 'one-off' payment). But it can also be a huge fraud or a crime. Also with various consequences - including the installation or inserting of malware or the hijacking of an active website session.

    It is quite likely that this letter and the entire scheme are automated and essentially designed for "random" victims. And the letter itself, the payload and the entire scheme are automated at every step (including perhaps processing victims data, collecting active emails or something else for subsequent campaigns). Therefore, they do not try very hard to be perfectly "indistinguishable" from scammers, but are simply trying to find an easy victim (or just a very inexperienced Internet user or a very "frustrated" person looking for income).

    Thanks!

  • Candi1
    Candi1 Posts: 69 Active Engager
    edited November 20

    I think this is great to have us spot suspicious emails & what they might contain. Thank you!

  • VanhaMies
    VanhaMies Posts: 6 Explorer

    Anonymous everything although names do not guarentee anything.
    Easy/too much money without any experience or education.
    Small "prepayment” before ”big” money
    So not click those links!

  • Firmy
    Firmy Posts: 1,905 Community Manager

    Thank you to all who took part in this challenge.

    The winner will receive a notification through a private message, and badges have already been added to your profiles.

    Although this round has ended, keep an eye on our community page for the next challenge. We can't wait to see you again.

    Firmy
    Community Manager | F-Secure Community
    🔐 Strengthening digital security through knowledge and collaboration
    🌐 Explore our User Guides | Knowledge Base for self-help resources
    💻 Empower yourself with Cybersecurity Insights and protect what matters
    📢 Help Shape Our New Homepage! Share your input in our design survey.

This discussion has been closed.
Feedback on New Design