Today in the middle of COVID-19 quarantine I have received an email from United Nations, looking closely it was clear it was clearly a SCAM email trying to get donations. 

The world has never faced a crisis like COVID-19.
The pandemic is impacting communities everywhere. It’s never been more urgent to support the global response.

The humanity, solidarity and generosity of people and organizations everywhere is also unprecedented.
But we can’t stop now. 

Blah blah blah…

In order to break down this email and understand that it is in fact a scam we could follow this logic: 

  1. Did you expect such email – no I did not expect it and it was out of blue. I never worked with United Nations or had any ties with them, I did volunteer but nothing serious to share with them my email. 
  2. Looking at the Subject line of the email I could see that it was copied from Euronews Article posted earlier last week: We’re all in a war against COVID-19 together that was red flag number two
  3. Email came to my email address which is not shared with anyone so it was guessed
  4. Sender of the email “[email protected]”: Such email is not listed anywhere on who.int most likely this email address was spoofed, and offender pretends to be sending from this email. 
  5. Email is asking for bitcoin donations on the wallet they mention within the email, looking at the official https://covid19responsefund.org/ website which is on separate page we can see that there is no BitCoin payments accepted and their donations are accepted via credit or debit cards. 
  6. Checking Bitcoin Abuse database we can find this wallet is already in their database: https://www.bitcoinabuse.com/reports/1BYUStqxQ1zY7CqsnQxZyXgrgrexSLJCNm
  7. Checking the servers sending this email we can see that they are in Morocco. 

This email was written in order to inform you on the dangers and risks of email SCAM. The logic that is used in order to detect this scam could be used for other similar suspicious emails as well. If you are not waiting for email then it could be a scam. 

Protect against forged emails that appear to come from your domain. It is recommended to have SPF records within your domain DNS. If you are not sure whether you have this records you can ask your IT service provider. 
Read more about SPF and how to use it if  you use Google email services here: https://support.google.com/a/answer/33786?hl=en

Take your legal firm to the next level!

Join monthly newsletter and never miss tips, tricks and other Digital Marketing articles that will help your Legal Firm grow.

You have Successfully Subscribed!