Email is a common vehicle for scams. For decades, scammers have used it to defraud unsuspecting victims. Email allows scammers to conceal their identities so that they conduct their illicit activities under the radar. While email scams can target anyone, they are particularly common among webmasters. If you run a website, you should avoid falling for these seven email scams.
1) CMS Phishing
A content management system (CMS) phishing email is a type of scam that’s designed to trick you into divulging the login credentials for your website’s CMS. Most CMSs such as WordPress have a web-based dashboard from which you can perform administrative tasks, such as installing new plugins or creating new content.
In a CMS phishing email, a scammer will ask you to log in to this dashboard by clicking a link and entering your username and password. The email-embedded link will take you to a website that looks like the login page for your website’s CMS. It may contain the same colors, fonts, logos and text. But entering your username and password won’t take you to the admin dashboard of your website’s CMS. It will simply provide the scammer with your login credentials so that they can hijack your website.
2) Deceptive Appraisal
Some scammers may send you an email with an offer to purchase to your website. They may state that, after researching your website, they are willing to pay anywhere from $10,000 to $100,000 for it. If you respond, the scammers will ask you to get your website appraised before proceeding with the sale.
Of course, the scammers aren’t really interested in buying your website. They only want you to purchase an appraisal service from their own business or a business with which they are affiliated. After getting your website appraised — a service that usually costs $50 to $200 — the scammers will ghost you.
3) Backlink Pishing
Scammers use email to phish for backlinks. Backlink phishing emails typically target websites featuring free stock photos. If you use the free stock photos on your website, you may receive an email from a scammer claiming to be the original photographer. The scammer will say that he or she owns the copyrights to a photo on your website, and to continue using that photo, you must provide attribution by linking to the scammer’s website.
Not all emails that request a backlink are scams. Rather, only those that are deceptive or dishonest are scams. Scammers who run their own websites use backlink phishing emails to trick webmasters into building backlinks on their behalf. If you sourced a photo from a legitimate stock image provider, the original photographer has already sold them the usage rights.
4) Negative SEO Extortion
Another common type of email scam is negative search engine optimization (SEO) extortion. In a negative SEO extortion email, a scammer will threaten to destroy your website’s search engine rankings unless you pay a ransom. The scammer may ask for $1,000 to $10,000, and if you don’t pay, he or she will carry out negative SEO against your website.
Negative SEO extortion emails are quite common. Google has even issued a statement regarding these scams. According to Google, signals from negative SEO attacks are typically ignored. Therefore, even if a scammer attempts to harm your website’s rankings by conducting a negative SEO attack, he or she probably won’t succeed. You can ignore negative SEO extortion emails without fear of Google or other search engines demoting your website.
5) Domain Slamming
Domain slamming is a type of email scam that’s designed to trick you into transferring your website’s domain name to a scammer’s registrar. Most domain slamming emails are designed to look like registration renewal emails. They’ll say that your website’s domain name is about to expire, and to renew it, you must click a link and purchase a renewal. When you purchase the renewal, though, you’ll transfer your website’s domain name to the scammer’s registrar.
You can avoid domain slamming emails by configuring your website’s domain name to automatically renew. All registrars offer automatic renewals. After enabling this feature, your registrar will renew your website’s domain name automatically before the expiration date. If you receive any emails claiming that your website’s domain name is about to expire, you can ignore them.
6) Hacking Extortion
In a hacking extortion email, a scammer will claim to have hacked your website. He or she will then ask you to pay a ransom to regain control of your website. Fortunately, hacking extortion emails generally don’t involve any actual hacking. They simply use scare tactics to compel you to pay the ransom impulsively.
If you receive a hacking extortion email, you should still check your website to ensure it hasn’t been hacked. Chances are that your website won’t show any signs of a breach. In the event that it has been hacked, you can restore your website using a backup. Regardless, you shouldn’t pay the ransom in a hacking extortion email.
7) Fake Trademark Registration
Fake trademark registration emails are similar to domain slamming emails. They both attempt to trick you into purchasing a registration-related service. The difference is that domain slamming emails target your website’s domain name, whereas fake trademark registration emails target your website’s trademarks. A fake trademark registration email, for example, may ask you to buy a renewal or legal service for a trademark.
If you don’t own any trademarks, you can disregard any emails asking you to buy a trademark service. Alternatively, if you do own trademarks, you can check their status on the United States Patent and Trademark Office’s (USPTO’s) website. The USPTO has a trademark status tool on its website that will reveal all alerts and communications for a given trademark. When the USPTO sends you an email, it will save a copy of the email, which you can retrieve using this tool.
You can’t always prevent scam emails from reaching your inbox. If your email address is displayed anywhere on your website, scammers may find it. By familiarizing yourself with the most common website-related email scams, though, you can avoid falling for them. Additionally, you should consider using an email provider with strong protection against email threats such as our Canadian Email Hosting plans that include advanced spam, phishing, and malware protection.