I reviewed a colleague’s post about a radon spammer phishing for $$$.
I got the same email from "firstname.lastname@example.org" today so beware!
Here’s a copy of his post:
Good morning everyone.
Last week I received several unsolicited emails from a website offering new and used continuous radon monitors (CRMs). I went to the website and noticed only a few available CRMs and some of the pricing was much lower than I expected so I contacted at least one manufacturer and asked why this website had lower pricing. The manufacturer had never heard of that website and didn’t know about the advertising.
I’ll call this Red Flag #1.
I then went to the contact information on the website and only found an address and phone number. A search of the Pittsburgh, PA address could not be found by any mapping program that I tried.
I’ll call this Red Flag #2.
I did use their contact form to send them a message and part of their reply is as follows:
"Due to the volume and amount of sales. We have to accept e-check until July for anyone ordering please do the following.
Please use our secure email and send your bank name, bank account number, routing number and your name and address. We will process the check and deliver upon clearing.
Send all information to email@example.com"
I don’t know about e-check policies but do know that ACH fund transfers do require account and routing numbers but this would be for the account RECEIVING funds, not MY account.
This was Red Flag #3 and just like in baseball, strike 3 and you’re out.
I have a personal policy that I do not conduct business with any website that does not clearly identify themself, including names of the management or sales staff, although I noticed this weakness on several legitimate websites of people that I know. So I send this message for two reasons.
Always be very diligent in knowing who you are dealing with, especially in web-based relationships. Caveat emptor = Let the Buyer Beware.
Take a look at your website and email style to see if you appear to be hiding information from your potential clients. I know that email addresses and phone numbers are mined off of websites every day and some prefer to keep that type of information off of their web pages, but there are ways of providing information on your website that can make it harder to hackers to steal your information.
Who knows, this might be a legitimate website? But for now it just doesn’t pass my smell test. Caveat emptor.