The Norman Transcript

July 28, 2013

Clues help us detect and avoid email scams


The Norman Transcript

NORMAN — Email anti-spam filters are often pretty bad at protecting email users. They let bad email through and block good messages with such regularity that I don’t really include them as part of my overall Internet safety strategy.

The spam filters that come along with having a Gmail email account are usually pretty good, though, but they still make mistakes. Today, another bad email sneaked past the Gmail filters, this time allegedly sent from Mrs. Susan Goedde.

The email’s subject line, which read “From Mrs Susan,” got my attention right off, as it lacked proper English punctuation. There should have been a period after “Mrs,” but the period was missing.

Astute Internet safety practitioners know that, because many dangerous spam emails originate from foreign-based criminals who do not have a good grasp of the English language, their emails are often filled with bad grammar and punctuation. That was dangerous email Clue No. 1.

Clue No. 2 appeared as soon as I looked at the sender’s email address, which was wabaf@email.

cz.

Overseas email addresses often include the country of origins “country code” at the end of the address, rather than the traditional “.com” or “.net” that many folks are used to seeing. This particular country code, “.cz,” is the code for the Czech Republic, part of what used to be known as Czechoslovakia. Why, I wondered, was “Mrs Susan” of the Czech Republic trying to contact me?

Clue No. 3 appeared as soon as I viewed the email, which Gmail had deemed to be safe: there was a “.pdf” file attached to the message, with the filename “from mrs susan goedde.pdf.”

I never open email attachments from strangers. The best email safety rules dictate that you should never open email attachments, even if they come from your best friend; exceptions would be if the sender tells you in the text of the message exactly what the attachment is, along with the filename.

Indeed, many computer viruses travel around the Internet embedded in carefully crafted PDF files. Instead of opening a potentially dangerous file, I turned to Google to find out more about the mysterious Mrs Susan Goedde.

The first search result led to information that fraudulent emails signed by her were circling the globe, enticing people to send money to claim the prize of “U$$840,000.00 dollars” won in the “Canada-Sizzler Lottery.” These emails were originating from the Czech Republic. This news made me glad that I had not opened the suspicious PDF attachment.

As it turns out, there actually are people in the world named Susan Goedde. Interestingly, one of them is a spokesperson for the Missouri Lottery Association but has nothing to do with the Canada-Sizzler Lottery. A bit more research showed that there is no such thing as the Canada-Sizzler Lottery.

Those simple Google searches settled the issue for me, and I deleted the email, unscathed. I would imagine, though, that the real Susan Goeddes of the world are pretty peeved their names are being used in such a seamy scam.

Dave Moore of Norman has been an independent computer service technician since 1984. He also teaches computer security workshops to public and private organizations. He can be reached at 919-9901 or davemoorecomputers.com.