Posted by: Heather Toll on August 10, 2018 at 8:00 am
Keep an eye out for this. To be honest, we’re not 100% sure if it’s a new scam or someone actually trying to be helpful. But we’re leaning toward “new scam.”
Earlier this week, we got an email to our “info@” email account, which is for general inquiries and easily found on our web site. The email claimed that this was a follow-up email to their first, and that they were writing to let us know we had a broken link on our site.
They went on to provide details: the page URL, the words that were linked, the dead link destination, a suggested link we could use instead, even a screenshot of a couple of lines from the blog that contained the link.
Wow, that was a lot of work. But nice? Helpful? We’re not so sure.
Our link was dead, that much was true. But, not being people who will blindly link to an unknown site, we investigated the provided link before updating our page. We typed in the main URL to go to the home page. (Note: we did not click the link!) It was a site with only document templates. No menu. No information about the business model – Are these free? How do we pay? Where did these templates come from? Just a page chock-full of pretty templates to download. (Note #2: we did not download any of the templates!)
Interesting. So then we typed in the rest of the URL, including the new page link. “Page not found.” HMM.
Obviously, her link wasn’t any more live than ours. So why would she send it?
Remember that some viruses and ransomware infections travel via macros in Word documents. We couldn’t tell if the files on the web page were actual templates or documents or, really, anything about what kind of files they were without clicking them. That way lies disaster. Better to leave well enough alone.
But why wouldn’t she send a live link? We can only speculate here, but the site did have some nice-looking templates. Document design can be stressful for a lot of people. Anyone drawn to the overall site by the link might be looking for document formatting ideas. Then, they might be tempted to download the files, which might install viruses and malware. (By the way, Microsoft provides nice-looking – and validated – document templates. Go to File ‑> New in any Office program.) This all may seem a bit far-fetched, but scammers will go to great lengths to trap a victim.
So, was it a new kind of dead link email scam?
Here are some signs that the email was a scam:
Subject line contained “Re:”. “Re:” is legitimately added to a subject line for an email reply. But we hadn’t sent her anything to reply to. She claims she emailed us previously, but no prior email from her was attached. If it had been, the subject line would have had a “Fwd:” added, not “Re:” Re: on an email from someone you’ve never sent an email to before is a common email scam red flag.
Subject line was oddly insistent. “Please FIX this broken link on the taznetworks.com website” – all-caps “FIX”? Someone feels unexpectedly strongly about this. Or wants us to feel urgency about it. It’s like those angry “why did you send me this invoice?” scam emails. If they can make a person nervous enough to act before thinking, they’ve won.
The sheer amount of work performed by this “helpful” person. She found a blog post from December 2017, about 8 months or 32 blog posts ago. There she found a two-word broken link, which, by the way, was to information easily available elsewhere. She took the time to email us about it, supposedly twice. She included organized information that required a lot of research and formatting work. Sure, some people are genuinely nice (or frustrated) enough to notify a web site about broken links, typos, etc. But most people won’t bother.
The destination site was… just plain weird. No menus? Only files? No information about them? Handy Pinterest tags for easy sharing? Remember that documents can contain macros that install viruses, ransomware, and other malware. That’s why we always advise think before you click. Double-check before opening or downloading document attachments that seem at all unusual or that you weren’t expecting. It’s ok to trust your gut if something seems sketchy.
Might this have been some kind of school project? Maybe. Setting up a bot to crawl web sites looking for dead links and then using AI to “helpfully” suggest possible replacements sounds like it could be an innocent (and interesting!) experiment. But why use that destination link if it’s not a scam?
We looked around on a couple of security sites for information about a new dead link email scam and didn’t find anything definite. In the end, we just unlinked our text, deleted the email, and moved on. (Oh, and wrote this post about it!)
But, if you get a notification that you have a dead link on your site, and the informant has “helpfully” provided a replacement, research your own legitimate, updated link before blindly sending your readers to a potentially malicious web site.
When was the last time someone reviewed your network security? Use the contact form or call us at 810-355-2280 to set up an appointment today.