
Saturday, November 8, 2025

Beware: Scammers and Fraudsters Are Adapting to Get Your Money

[Image: split scene with a worried elderly woman on the left and a hooded scammer smiling at a laptop on the right, representing how scammers harm vulnerable victims.]
Caption: Online scammers and fraudsters don’t care about their victims’ hardships.

By J. André Faust (November 8, 2025)

The Numbers Game of Digital Scams: A Case Study, Psychology Breakdown, and How to Verify Emails

This post examines a live Facebook scam I received, compares it with a legitimate fundraising email about a real multimillion dollar lawsuit, and unpacks how a separate DHL phishing email tries to trick recipients. Along the way, I explain the persuasion mechanics and show exactly how to verify email authenticity using message headers.


Part I — The Facebook “Government Grant” Scam: A Case Study

Transcript highlights (abridged):

  • Scammer: “Have you heard about the DC program… an International Development program by the government due to the pandemic to give financial assistance to everyone… Even I got $150,000… I’ll send you the agent.”
  • Me: “Which government, which country? I base decisions on verifiable data.”
  • Scammer (later): “Federal government… Canada… It’s 100 percent real.”

Why this is a scam

  • Vagueness: no program name, no department, no official link.
  • Over-promising: “everyone” gets $150,000 with no repayment.
  • Scripted escalation: they try to hand you to a fake “agent.”
  • Outdated frame: they invoke “pandemic aid,” which signals a recycled 2020–2022 script.
  • Decorative obfuscation: odd characters like “ۦۦ ۦۦ …” are Arabic combining marks used as visual filler to dodge filters and to look exotic. They add no meaning.

What I did: demanded specifics — country, department, official link. When they finally said “Canada,” I asked for the minister and noted I could verify with federal contacts. The conversation stalled. That is a win.

Psychology of why these scripts work

  • System 1 vs System 2 (Kahneman): scams push fast, emotional System 1 before careful System 2 can engage.
  • ELM (Elaboration Likelihood Model): they target the peripheral route with cues like “government,” big payoff, and friendly tone, avoiding the central route where claims are scrutinised.
  • Cialdini’s principles: authority (“government”), social proof (“my friend got it”), reciprocity (“I’m helping you”), scarcity (“apply soon”), commitment/consistency (get you to reply once), liking (chummy small talk), and unity (“people like us”).
  • Heuristics under stress: financial strain, time pressure, and fatigue increase reliance on shortcuts.

Glossary

  • FOMO: Fear Of Missing Out. A pressure tactic that nudges people to act quickly to avoid “losing” a benefit.
  • Peripheral route: quick persuasion via cues rather than evidence.
  • Central route: persuasion through careful reasoning and proof.

Part II — Legitimate Fundraising vs Scam: How I Evaluated the Broadbent/PressProgress Email

Within the same window of time I received a fundraising email from the Broadbent Institute referencing a lengthy, expensive media-law trial connected to a 2019 Alberta election story. The email routes through ActionNetwork’s infrastructure, shows consistent sender identity, and references an ongoing, public legal matter involving multiple media outlets. This stands in contrast to the Facebook scam’s evasiveness.

Legitimate signals

  • Clear organisational identity (Broadbent Institute, PressProgress), stable web domains, and a consistent sender address.
  • Context that matches public reporting about a multi-month trial and a multimillion dollar claim.
  • Routine fundraising framing: transparency about costs, a donation ask, and unsubscribe links.

Why scams harm legitimate fundraising

  • They saturate people with fake appeals, creating “compassion fatigue.”
  • They erode trust in all asks, so real causes must overcome higher skepticism.
  • They mimic legitimate language, forcing genuine organisations to prove more and more.

Part III — DHL Phishing Example

I also received a “DHL EXPRESS” email, in mixed Japanese and English, urging me to click a link to correct my address and phone number. This is classic delivery-problem phishing.

Plain-English translation of the Japanese body (abridged):

“Were you not at home at the time of delivery?
Dear Customer, an international item from the United States is scheduled for delivery, but we could not deliver due to errors in the address and phone number. Please complete the delivery information using the link below and we will arrange redelivery within 1–2 business days. You can choose no-signature contactless delivery or pickup at a nearby service point. Click here.”

It then shows a fake tracking number and a button to “complete delivery info.”

Red flags

  • Sender domain is not owned by DHL.
  • Urgent correction request plus a link to a data-harvesting site.
  • Language switching and generic “Dear Customer.”

Part IV — How to Verify Email Authenticity with Headers

Email display names and apparent “From” addresses can be spoofed. What matters is the header trail and authentication results.

What to look for in headers

  • Return-Path / Envelope-From: the true sending identity for bounces.
  • Received lines: the path the message took, from the first server to your provider. Look for reputable infrastructure.
  • SPF: whether the sending IP had permission to send for the domain.
  • DKIM: a cryptographic signature by the sender’s domain.
  • DMARC: the domain’s policy that ties SPF/DKIM to the visible “From.”

Note: Good providers filter many spoofed messages using SPF/DKIM/DMARC, but filtering cannot be perfect. You should still verify suspicious messages manually.

How to open headers in Outlook desktop (two ways)

  1. Classic method: double-click the email to open in its own window → File → Properties → copy from the Internet headers box.
  2. Message Options shortcut: double-click the email → in the ribbon’s Tags group, click the tiny launcher arrow at the corner → headers appear in Properties.

Once opened, scan the Received chain top to bottom. For a legitimate campaign, you will usually see a known bulk sender or the organisation’s own infrastructure. For phishing, you often see mismatched domains, odd servers, or no valid authentication.
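
The header checks described above, as an added Python example that is not part of the original post: it reads the From, Return-Path and Authentication-Results headers of a raw message and lists what does not line up. The two sample messages, every domain in them, the `mx.provider.example` server name and the `BRANDS` allow-list are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail); every domain and IP is a placeholder.
PHISH = """\
Return-Path: <bounce@mailer.example>
Received: from unknown (203.0.113.7) by mx.provider.example; Sat, 8 Nov 2025 09:00:00 +0000
Authentication-Results: mx.provider.example; spf=pass smtp.mailfrom=mailer.example;
 dkim=none; dmarc=fail header.from=parcel-update.example
From: "DHL EXPRESS" <notice@parcel-update.example>
Subject: Delivery problem

body
"""
LEGIT = """\
Return-Path: <bounce@news.charity.example>
Authentication-Results: mx.provider.example; spf=pass smtp.mailfrom=news.charity.example;
 dkim=pass header.d=charity.example; dmarc=pass header.from=charity.example
From: "Charity Newsletter" <info@charity.example>
Subject: Update

body
"""
BRANDS = {"dhl": ["dhl.com"]}  # assumed allow-list: brand keyword -> domains it sends from

def domain(addr):
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def under(a, b):
    # True when a equals b or is a subdomain of b.
    return bool(a and b) and (a == b or a.endswith("." + b))

def check(raw, brands, trusted="mx.provider.example"):
    msg = message_from_string(raw)
    display = parseaddr(msg["From"])[0].lower()
    from_dom, rp_dom = domain(msg["From"]), domain(msg["Return-Path"])
    auth = {}
    for ar in msg.get_all("Authentication-Results", []):
        if ar.split(";")[0].strip() == trusted:  # only trust your own provider's stamp
            auth.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", ar))
    findings = [f"{m}={auth.get(m, 'missing')}" for m in ("spf", "dkim", "dmarc")
                if auth.get(m) != "pass"]
    if auth.get("dmarc") != "pass" and not (under(from_dom, rp_dom) or under(rp_dom, from_dom)):
        findings.append(f"return-path {rp_dom} != from {from_dom}")
    for brand, doms in brands.items():
        if brand in display and not any(under(from_dom, d) for d in doms):
            findings.append(f"display name claims {brand}, sender is {from_dom}")
    return findings
```

A Return-Path on a different domain is normal for mail sent through a bulk-mail service, which is why the function reports it only when DMARC did not pass.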

Quick test you can do

  • Hover but do not click links. Does the actual URL match the brand’s domain?
  • Check if the sender’s domain passes SPF and DKIM in the headers.
  • If in doubt, go directly to the organisation’s website and navigate to their donate or account page yourself. Never use the email link.

Part V — Practical Checklist: Spotting Manipulation

  • Specifics or nothing: program name, department, official URL.
  • No fees for money: never pay “delivery,” “clearance,” or “verification” fees to receive funds.
  • Timeline sense: does the story fit the current moment, or does it smell like a pandemic-era template?
  • Route yourself: for legit appeals, type the known site in your browser. Do not click the email button.
  • Slow the pace: taking time forces your System 2 to engage.

Conclusion

Scammers run a numbers game that counts on speed, stress, and vague authority. Legitimate organisations expect scrutiny and can point you to verifiable sources. The simplest defence is a habit: ask for specifics, read the headers, and never let urgency make your decision.


About the author

J. André Faust explores the structural entanglements of politics, economics, and society. His work follows a layered-systems approach that traces feedback loops and updates beliefs in light of new evidence. He writes and produces under the banner The Connected Mind.