Is this receipt for software I didn't order valid?

Home » EMail » Spam

Summary: One popular Internet scam is to make something look like an honest mistake that would let you download something expensive for free. Don't fall for it.

•

The question included the text of email that looked like a receipt from an online software purchase or Windows Vista Ultimate, with download instructions.

Your instincts are right not to click on any of those links.

It's not a new form of attack; it's actually a fairly old one.

And what do to? That's easy.

•

I'll start with the "what to do" part: delete the email and get on with your life. If you like, you might click on a "This is Spam" button or link to delete it so that spam filters can better learn that this is email that should be discarded.

Even with three layers of spam filtering in place I delete a hand full of these types of "offers" each morning. Most are more blatant, claiming "free software", or "[some expensive software package] is ready to download now". Some, like yours, are attempts to copy some company's valid download instructions to trick you into visiting the bogus site, very much like phishing.

It's all bogus.

Here are some clues:

• The email never mentions you by name. If you're not mentioned by name or with something else other than your email address that clearly and correctly identifies you; the mail could be sent to anyone. In fact that's a great test; could two completely different people read that same mail and both think it was for them? If so, it's highly suspect.

• You're only identified by your email address. Of course they have that - that's how the email was sent. They may have collected it from a spamming list or some other nefarious means, but the fact that your email address might be in the message body does not legitimize the message.

• It offers something for nothing. Even if it's cloaked to look like an honest mistake, email that boils down to getting you something for nothing should never be trusted.

• It has an offer that's "too good to be true", or downright illegal. Email that purports to offer you OEM software for dirt cheap prices, or other types of items at prices that are simply too good to be true are in fact too good to be true. 99 times out of 100 it's a scam, a phishing attempt or a virus.

• The web address you're redirected to, or the email address you would contact or reply to, is in eastern Europe, Africa, Far East or South America. That sounds really harsh, because I'm sure that there are legitimate businesses in all of those regions. Unfortunately the majority of email scams and spam now originate outside of the United States in third world countries, or countries where the government or legal infrastructure just isn't set up to deal with it.

• The web or email address "doesn't make sense" in context. In your case the web address was a ".ch" address, which it turns out is Switzerland. Circuit City (the U.S. retailer from whom the software was supposedly purchased) it not likely to send you to Switzerland to download your software.

Like I said, your instincts were good. This email is almost certainly bogus. Its purpose was likely not to get you software, but rather either of two things:

• Phishing: had you clicked, you might have been prompted for some more information, this time about yourself. Perhaps even a new credit card number. Had you provided it, you would have just given it to a phisher.

• Malware: have you clicked your computer, if not properly secured, might well have become infected with spyware, viruses or other malware.

So, good on you for recognizing the risk.

Related:

• Ask Leo! - Why is there so much spam?

• Ask Leo! - Phishing? What's Phishing?

• Ask Leo! - What's OEM software? Is it safe to buy?

• IANA - International Top Level Domains

• ScamBusters.org - friends of mine and an excellent resource for educating yourself, and protecting yourself, from Internet scams.

Article C2993 - April 13, 2007