So we got an email from a client
Today I got an email from one of our clients. This woman was one of the first website jobs we completed and is a lady we have both known for years.
Our client wanted to check with us about an email she had received. This email, although poorly formatted, looked pretty official. It contained her domain name, multiple times, in the body of the mail. It addressed her by her full name, with her business name and her full address.
Here’s how it looked:
As you can see, I’ve redacted her personal information from the screenshot in the interests of privacy and confidentiality.
What should she do?
Our client had one question for me on this – did she need to do anything about it? She didn’t really think she needed to, she is just somebody who double checks to be on the safe side.
Why would anybody expect this scam to work?
This email attempts to prey on people in a situation that is one of my biggest pet peeves. We have seen it so many times. When we start to work with a client who has already obtained a domain, set up a hosting account or even built a website we ask them where the domain is registered, who their hosting is with and where/how their website is built. The most common answer, the one we hear almost every time? I don’t know. This is when all my protective hackles rise. Why would somebody pay so much money to somebody and not know what they were paying for?
But it doesn’t work, right?
For somebody who wasn’t sure where their “stuff” is, for somebody who wasn’t comfortable checking with their provider, for somebody who believes everything in their inbox or for somebody who was panicked for a few minutes by the formality, this email would have cost them $66 – money which would have lined the pockets of some scammer who did nothing more than check domain records and send phishing emails.
These emails work, make no mistake about it, if they didn’t then they would have stopped a long time ago.
What can we do to avoid it?
When we complete a web project we provide every client with a Client Document. This contains all of the details about where their domain and hosting are set up, where their website is and how to access each of these. It contains additional information about their website build, things that we have told them in their free training session after launch but which they may forget if they don’t use it for a period of time. This document means that they always have this information available for reference, in one place, so they never have to wonder “where is my stuff?” and they are not going to be fooled by scammers in this way.