Phishing Scams Targeting Website Designers
Our web design firm must have gotten popular with the wrong people all of a sudden because our email and voicemail are just blowing up with phishing scams lately.
What is a Phishing Scam?
Sounds fishy but I promise it's not a made up term. Phishing is basically an online scam where con artists send emails, calls, texts, and instant messages that appear to be from a completely legitimate company. They attempt to get you to divulge sensitive information such as financial information, logins, passwords, or personal identifying information such as a drivers license number or social security number. Once the con artist successfully obtains this information, they are able to deplete funds from your bank account, take over accounts, even hijack your identity.
What Types of Phishing Scams Are There?
There are all types of terms and vernacular for phishing attacks but most of them involve trying to get sensitive login / password information or financial information. The 5 most common types of phishing scams are:
Email Phishing - Is the most prevalent form of phishing attack. An email sender will register a near duplicate email address of a reputable source or spoof a legitimate source to convice you to send payment or login info to them.
Spear Phishing - Criminals use some prior knowledge of the victim (such as their place of employment, job title, etc). to convince them they are a trusted source.
Whaling - Takes aim at victims involved at the Executive Level in a corporation. Scams involving bogus tax returns are common in whaling phishing scams.
Smishing / Vishing - In these two forms of phishing, the telephone and text messages take the place of typical email phishing scams and posing as a credible authority figure over the phone.
Angler Phishing - A fake social media account or fake website is used to trick people into downloading software, photos, and downloading a trojan horse. This is a 2 step approach involving phishing and trojan attacks.
Phishing Scam Targeting Web Designers
There are no shortage of phishing scams targeting web designers and web developers. Usually I enjoy torturing these con artists a bit - sending them on wild goose chases, making them jump through proverbial hoops is all a good bit of fun. I told one scammer that I was afraid to give him my credit card info because he could be an auto dialer recording. I told him to prove he was real and not a voice recording he should bark like a dog for me.
I mean, these guys take it for granted that you're not that bright and will actually give them your credit card info - so turn around is fair play I say. I take it for granted that it takes someone pretty stupid to try and rip people off instead of getting a job and doing something worthwhile and meaningful with their lives.
Latest Phishing Scam Targeting Web Designers
Case in point, this latest genius who is operating under the name Stephen Nelsen, (AKA Stephen Nelsen Patrick). He contacted me today for a Website Estimate supposedly he wants a website and has a ridiculously high budget to spend on it.
No barking dogs on this particular day. I simply sent him back a polite message not to call or email us again, which is probably the more mature way to handle the situation but not nearly as much fun.
1 Easy Way Web Designers Can Avoid Getting Scammed By Phishers - Do a Google Search
A quick google search for "Office Equipment such as Printer, Scanners, Laminating Machines, Dictation, Computer, Adequate Light, Desk, Multipurpose Machine" turned up at least a half a dozen websites that were reporting this as a complete scam.
Hey the company is based on importing and exporting of Office Equipment such as Printer, Scanners, Laminating Machines, Dictation, Computer, Adequate Light, Desk, Multipurpose Machine, Software, Fire-Safe Bix, Network Router, Telephone, Paper Shredder, and Personal Server so I need a best of the best layout design for it. Can you handle that for me? So I need you to check out this site but I need something more perfect than this if its possible .https://avada.theme-fusion.com/classic-shop/... I have a content creator that has the text content and logo for the site the site would only be informational, so I need you to give me an estimate.
1. I want 12pages with 14 products
2. want only English language
3. My budget is $10,000-$25,000
4. want the site running up in 4-5 months
5. Are you the owner
Why This Phishing Scam Didn't Work
Unfortunately for him, his little scam never even got out of the gate because:
1. This phishing scam isn't original at all, it's at least 5 years old and I've seen it before.
2. All you have to do is search google for the context of his email to see it shows up a dozen or more websites that list him as a scammer going under multiple names.
How This Phishing Scam Works
The rest of this scam is supposed to involve a really fishy transfer of money for payment of the website project. We are supposed to supply our bank account info so that he can wire us the money. Only he'll be sending us too much money and will want us to hire some other person involved in the project on his behalf and then wire them some money too.
The whole thing is an obvious con that pretty much involves sending assets that don't clear our bank account and getting us to pay money to some unknown 3rd party (the scammer). After which we are to find that we are out the money for the so-called project, as well as the money spent hiring the 3rd party (the scammer). It's so transparent you'd have to have literally just fallen off the turnip truck to fall for this one. However, I'm sure there are a fair amount of gullible people out there that have been taken - otherwise why would they keep doing it?
Final Thought on Phishing Scams
Heck, we've all been receiving the same email from the same Nigerian Prince for the last 10 years offering us millions to let us transfer money into our account.
What is the percentage of successful phishing attacks?
Even though the success rate on these scams is almost 3%, there's still that small percentage of people that fall for it and usually get taken to the cleaners. There are all sorts of ways to identify a phishing website or email. The easiest way not to get taken is to do your homework. If it seems too good to be true, it probably is. A quick due diligence check into email addresses, phone numbers, even the context of a text or email can save you alot of aggravation. We hope this information helps web designers like us avoid getting scammed from phishers.