Opera warns YouTubers about scammers pretending to represent the company to promote Opera GX
Opera has warned YouTube content creators that scammers are using its brand name in a phishing mail campaign. This is a pretty common trick used by attackers to fool users into believing they are communicating with a well known brand, and make a profit out of it.
A screenshot of the email shared by Opera reveals that the scammers are pretending to be the manager of OperaSoftware. The fake mail mentions that OperaGX browser lacks popularity, and that the company wishes to cooperate with the recipient, in order to promote the software through their channel.
It also asks the user to reply to the mail, in order to discuss the terms of the offer. From the wording, it appears that the scammer would likely request the user to provide their bank details, which could end in disaster.
If you look at it, the message almost appears to be legitimate. Experienced users will be able to tell that it is fake, but they aren't usually the victims of phishing attacks. The uninformed individual, however, might fall into the trap. Opera says that it has received multiple reports about the scam, and that it seems to target small YouTube channels.
I think it is good on Opera's part to acknowledge the malicious email campaign, and educate users about it. The company says that it only contacts content creators via press agencies. In addition to checking the sender's mail address, Opera also advises users to verify the sender's profile on LinkedIn to avoid being scammed.
While that is a good idea, there are other ways to tell if an email is from a real company or a bank representative.
How to identify scam emails easily
Legitimate emails will always address you by your proper name, and not as a user/customer. Your bank or a company's contact person will have access to this information, and will use it because it is common courtesy, and also because it helps build rapport between the two.
The sender's email address, as Opera mentioned in its announcement, is another dead giveaway about a phishing mail, providing you take the time to notice it. A common tactic used by scammers is to mention the company's name in the sender's name field, while the email address is different. The recipient, upon reading the brand's name (instead of the email id), might mistake it to be a real mail. Likewise, the sender field in the message, may not just mention your email address, but that of others as well.
Phishing attackers no longer pretend to be a Nigerian prince in dire need of your help, they try to act as representatives of popular services that you may be using. Here's a screenshot from my own email inbox that illustrates the problem. That's not my email address, yet it landed in my inbox and not the junk folder, so even the best email providers often fail to detect a malicious mail as spam.
Fraud emails tend to contain spelling, grammatical errors in the body of the message. The Opera GX scam email is no exception to this, the brand and product names have incorrect spacing, i.e. OperaSoftware, OperaGX.
The signature is another part of the mail that can be used to check the authenticity of the sender. In this case, it is written improperly, and does not provide the name of the sender or the brand's website.
Scam mails may link to a website, but you should never click on these. At first glance, they may appear to direct you to a legitimate site like example.com. But when you mouse over the URL in your web browser, you may notice that the link has some garbled text like xyzabc123totallynotascamsite.com, or something that looks partially like the official site but ends with some nonsensical text. These are clearly malicious links that if clicked on, could potentially steal your username, email address, or in the worst case scenario could stealthily download a malware that could infect your computer.
If you receive a malicious mail, you should report it to the corresponding company, to protect yourself and other users from phishing attacks. Remember, if something sounds/looks too good to be true, it is very likely fake. Don't fall for these tricks.
Have you or anyone you know ever been a victim of a scam?
Phishing, vishing, smishing, hacking and all kind of digital frauds should be treated as acts of terrorism against the person, the society and the whole own country interests. Thanks @Ashwin for this article, it shows perfectly how these mafias and other organized crime around the world. :]
Yea, let’s treat people like terrorists and see if it fixes the issue… Sounds like something humans have tried 100 times throughout history to no avail. Internet fraud should be treated as fraud. It will not stop as long as people are falling for the scams.
LOL yeah… it’s not idiots fault to open obviously fake emails and respond to obviously fake emails with personal and “sensitive” information.
Stop covering people’s stupidity and putting the blame on the people who do it, if people were actually smart and didn’t click everything they see, the “bad” guys wouldn’t exist.
Sounds like you were victim of a fraud and that’s why you are butthurt about it, don’t compare this crap to other issues like when bad people steal/clone card information or anything like that where people are really innocent. This is people’s fault, get over it.
@Anonymous said … “This is people’s fault, get over it.”.
Leaving apart your lack of empathy, I think that all goverment’s security agencies are working 24h/365 to prevent all possible crime, including everything related with internet, in order to provide as much help as possible too. And please, people deserves a peaceful life, away from frauds and crime of all kind. Following your unfortunate phrase, if someone goes to a police station, he would wait attention and good care, not someone saying “sir, it was your fault, get over it”. Damm it, I hope not. :[