TransWikia.com

Possible scam using another person's email, but we don't see how it is working

Personal Finance & Money Asked by R. Hamilton on August 16, 2021

I have a friend who has been getting quite a lot of traffic to his personal email account that is not his activity. This would include someone in California requesting auto insurance quotes. This would include someone in Minnesota requesting free tickets to an event. And the prompt for this question, in the last month or so, several people (half a dozen or so) making online purchases and using his email as their contact information. My friend has been reaching out to the companies to tell them that the email they are using does not belong to that person.

At least one of the ‘customers’ has ordered, then attempted to cancel, and the company said cancelling was impossible because the order had already shipped, which made us think that this was the scam. However, a little snooping (because we had the customer’s name and address) showed that it was a real address and said customer’s name is tied to the property record for the address — in short, seems like the worst way to execute a scam of some sort using your real contact information.

My friend has been closely monitoring his credit reports and accounts. There is no evidence that any of these people have access to any real information to attempt some kind of identity theft.

So, this is why I am here. Apart from getting some annoying emails that aren’t really for him, given the scenario I laid out above, is there any risk to my friend that we’re overlooking? As I wrote in the title, it feels very scammy in some way, but we just don’t understand how simply directing emails to a different account allows anything untoward to occur.

I would appreciate any thoughts this community has here and thanks in advance.

p.s. The email he’s using is two common-ish words on a fairly ubiquitous service, and well, I think we all have a throw-away email when a web form requires something (I hereby publicly apologize if I have been doing this same annoyance to a real person at [email protected]). Just moving emails would be a significant hassle as he has had this same one for 15+ years now. Furthermore, as above, it is not just spam going to the email, but what appears to be mostly legitimate business — just initiated by someone else using his email.

2 Answers

I think the issue might be that your friend has an email that is very close to other peoples' and it is being misspelled when those people enter their email addresses.

This doesn't sound like a scam of any kind, or anything untoward. Just a common honest mistake.

Answered by RiverNet on August 16, 2021

It could be a mistaken email address, it could be a scam attempt: without studying the emails in more detail it would be difficult to tell with any certainty.

If it is an attempted scam, the two common techniques are (a) include an infected attachment ("Thank you for your order of $1,232. Open the attached invoice for full details."), or (b) try to direct you to a fake website to get you to enter personal details ("Your order for $1,232 is being processed. Visit scammer.example.com if you need to amend or cancel."). Of course, the true destination would be disguised to look "real".

Therefore, whatever else your friend does, they should not open any attachments, and not follow any links in the emails. If they were to follow-up in any way, they should find independent ways of contacting the companies that apparently sent the emails.


Regarding:

However, a little snooping (because we had the customer's name and address) showed that it was a real address and said customer's name is tied to the property record for the address -- in short, seems like the worst way to execute a scam of some sort using your real contact information.

If it is a scam, the address wouldn't be that of the scammers (unless they were very stupid). They would pick a random real address (very possibly an earlier victim) so that if anyone does do some digging, it will look legitimate, thus increasing the chance that the recipient will open an attachment or follow a phoney link.


From a comment:

however why would one do that if one were to request insurance quotes? Or asking for tickets to be emailed to you? Or make an online order and I would assume expect the tracking information to be mailed to you when your order ships? Why give out a fake email address when one can more than reasonably assume that one will be contacted and given useful/requested information via email? This is what has us baffled.

If these are genuine emails from the companies they purport to come from, then as TTT says in a comment, then – for things like insurance quotes, at least – people might give a false email address just so that they're not added to a marketing database just for making an inquiry. (But, as you point out, there are many cases where using a false email address doesn't make sense).

However, if they are some kind of scam email, this doesn't matter. It's almost certain that the emails won't be coming from the companies they appear to... it won't be a scammer trying to place an order with Walmart using your friend's email address and trying to scam either them or Walmart. Instead, it will be a scammer sending fake emails that look like they come from Walmart etc., in the hope that the recipient will open an attachment or follow a link.

My personal inclination, based on what's in the question, would be to just delete and ignore the emails.

Answered by TripeHound on August 16, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP