Writers Beware: Checking the Sender vs Sender Address (and more)

This is somewhat of an extension of my previous blog about the use of free email accounts used for professional communications (read that blog here).

When receiving emails, it is common to see a person's name as the sender. You don't always see the address they sent the email from (depending on your email client) unless you click the name to expose that value or perhaps hover over their name. Just as it is important to know who you're emailing and what address you're emailing to, it is equally important to understand where an email comes from.

Example: I recently received a Spam message to my personal account. I knew it was a fake email and not anything to seriously consider but I still scanned it out of curiosity. The name of the sender that was displayed was "Ms. Kristalina Georgieva". BUT, when I looked deeper, the sender's address was "zhoujinping@citiz.net". For those with an attention to detail will notice that the email address does not suggest the name displayed for the sender matches.

If someone looks at the name Krisalina Georgieva, you probably won't assume that to be a Chinese name. However, the "zhoujinping" of the first part of the sender's address might suggest at least Asian influence with the name. But when you do a whois lookup on the domain citiz.net it shows very clearly that the domain is registered to Xin Net Technology Corporation in China.

This tells me that someone in China affiliated with the Xin Net Technology Corp is trying to masquerade as someone not of Chinese descent in an attempt to defraud me. Even a search for the name Xin Net Technology Corporation seems to suggest that this is a company but hundreds of websites that are known scammers dating back to at least 2010 (see this link for more info).

Reading through the email, the sender suggests they work for the International Monetary Fund located in Washington D.C., which is a real deal in D.C. with their own website (www.ifm.org) and all. But the real kicker is at the bottom of the email, the sender says to respond to the address of "kristalinegeo000@hotmail.com" to process my request.

Why would a real group with the imf.org domain need me to reply to a @hotmail.com address instead of an @imf.org address? Why would Kristalina Georgieva send me an email from an address of zhoujinping@citiz.net but want me to reply to a @hotmail.com address?

This is clearly a fake email trying to trick me into sending information to a fake Hotmail account controlled by someone who works for Xin Net Technology Corp., which is apparently a known scamming company. For people who just take emails at face value, this could be financially disastrous to click Reply to. This is why it is always so critical to examine all the many facets of an email and not just focus on what it promises you. There are red flags all throughout this message but only if you know what to look for.

If we are to stay safe from scammers, identity thieves, and more, we have to be diligent in how we choose to interact with others online and knowing what to look for before engaging them to keep ourselves safe. Not only is it VERY unprofessional to use free accounts like gmail, yahoo, hotmail, and more for corporate communications, we should also be wary of those who represent themselves as belonging to a real group but still soliciting responses to/from similar free accounts that are clearly not associated with the group the sender is falsely representing.

Leave a comment