A “phishing” e-mail is one that contains a prompt to open an attachment (or click on a link), with the sender hoping to gain access to the recipient’s private data by hacking their computer, and this cybercrime may be targeted at proofreaders seeking work.
After all, my editorial service includes proofreading. I believe that the e-mail I recently received was of the phishing nature. Below is the copy-and-paste (including all the errors) and it reads SOOOO very suspiciously (I omitted the sender’s name and slightly altered her reply e-mail address):
I’m (name of sender), i work as a register nurse,(RN) hard of hearing single mother of 3 wonderful grown up boys and a girl. Hearing impaired. I got your info from a free lance site!
I have a Medical Article in English, which i will like to know if you can proofread for me. Let me know your cost, time to finish proof reading.
I will attach the article in the next email , if you are interested in taken up the job. Please reply
to this email email@example.com OK!
Why does this above e-mail seem so suspicious?
First off, it does not address me by name. If YOU wanted a professional to proofread YOUR paper, wouldn’t you address that person by name? A classic feature of a phishing e-mail is that the name of the recipient is nowhere to be found.
Next, what on earth does the hearing impairment (which is mentioned twice) and the parental status of this individual have to do with me proofreading her article?
My conclusion is that she (or he, posing as a female) is trying to tap into my emotions, to establish a connection with me. If the sender establishes an emotional connection, the recipient is more likely to get lured into a scam! She’s setting me up to click on that attachment in the next e-mail!
Next, for a nurse, this person sure has a ton of errors in the way the message is typed out. Perhaps English isn’t this person’s first language. However, when this is the case, you’d think the client would mention it, right?
Next, I have multiple e-mail accounts. The sender claims she found my information on a freelance site. The particular e-mail that she sent her message to is not listed on any freelance site! However, I have intentionally listed it on a court reporter/stenographer site (not quite the same as a “freelance” site). Furthermore, the information I provide targets court reporters. How the heck would a nurse who wrote an article come upon my information?
Here’s what I think: This is a scammer, and their scam-software scans cyberspace for keywords such as “proofreader” and “medical,” and the “@” symbol, which indicates a contact e-mail address for a proofreader. The software then generates a mountain of e-mail addresses of proofreaders, and the scammer hits one button, and off 10,000 phishing e-mails go, with me being one of thousands of recipients.
Next, what’s with the “OK!” after her reply e-mail address? What legitimate person, seeking a proofreader for a medical article, would do this?
I gave her the benefit of the doubt and replied back, asking her to copy and paste the article into the e-mail field, and explaining that I do not open attachments until the legitimacy of the sender is verified.
Below is her response:
Thanks for your interest in taken up the proofing job. i so much appreciate your interest.I got your info from a free lance site!.. I will attach the article for you to preview. Please try to use an anti virus to scan the attachment if you can trust me.. i dont know how to copy and paste out of the MS Word… It will not just allow me.. Thanks
Kindly get back to me with the quote..
This message smacks of suspicion. First off, why would she repeat, “I got your info from a free lance site!” especially with that exclamation point? (My guess: She’s trying to get at my emotions again).
Next, if this person has the brains to be a nurse and write a medical article, how is it that she can’t figure out how to use one of Word’s most basic functions, the copy-and-paste?
However, her next statement after claiming, “I don’t know how to copy and paste,” is very suspicious: “It will not just allow me.” If she can’t figure out how to copy and paste, how would she know that the program won’t allow this function?
If you’re aware that a program won’t allow a function to occur, this means you DO know how to use it! If you do NOT know how to use it, you can’t possibly know if the program is allowing anything or not! Can you say phishing?
I decided not to respond to what is obviously malicious e-mail.
There’s a tiny chance this was legitimate, but in order for that to be, we have to conclude that this nurse is not a native English speaker, and has no clue about how to properly address and compose an e-mail message seeking help with her writing. This makes more sense for a high school drop-out. I’d be fearful of having a nurse, with such poor communication skills, tend to me in a hospital.
I vote that this is a phishing attempt, setting me up to click on the subsequent attachment. My ability to pay bills is not contingent on this one particular person, so I deleted both her e-mails. She hasn’t contacted me after that.
If you’re a proofreader seeking work, beware of phishing e-mails designed to lure you into opening an attachment. One of the hallmarks of a phishing e-mail is that it does not address you by name. A phishing e-mail also typically has typos and misspellings, and oddball or irrelevant information. (BTW, I use “they’re” rather than “he or she” or “him/her” to refer to a single person of unspecified gender, because that’s how people speak.)