The practice of spoofing is nothing new. In the internet age, the term has come to mean any email from a fraudulent source pretending to be from another source. In other words, an email from a hacker that looks just like one from your bank, that tells you to click on a link to confirm your purchase by logging into your account.
Obviously, the purpose of these emails is to trick people into giving their login information to a nefarious character who can then sell it on the dark web or try any number of other sites to see if you’ve used the same login info for your bank, credit report and whatever else is on the net.
Some of these emails are very well done, with graphics and text that look just like the real thing.
Then there’s the one I received that claimed to be from Capital One. I’m bringing this topic back because when I first wrote about this, many people may have never considered getting a card from Capital One. However, with the introduction of the Venture X, there’s a new pool of Capital One customers who would not be surprised to receive an email from their nee bank.
Still, the level of ineptitude of this email was stunning.
The errors started right off with the subject line of the email.
Spell the bank wrong and two lazy keying errors and I’m one line in.
I would think that a real email would use the actual Capital One logo, but they opted to just use boldface type for one part and italics for the second half of the name. The repeating of “exclusive” is also a tell that this is not real.
Then there was the bottom of the email where you’d expect to see a link to unsubscribe but instead, there was this:
When I hovered over the sender of the email, here was the email address I found.
Cuz that definitely looks like an email that would come from Capital One.
I did what any responsible person would do. I forwarded the email to Capital One’s fraud department. 
Whatever you do, if you receive an email like this, don’t click on anything. If you want to be safe, just delete it immediately. If you’re sure you can do so safely, forward it to the bank/business/whatever’s fraud dept. They’re easy to find if you just Google the company name and spoof email.
I’ve gotten many of these types of emails. Some are pretty convincing but it’s been a while since I got one that was this bad.
Want to comment on this post? Great! Read this first to help ensure it gets approved.
Want to sponsor a post, write something for Your Mileage May Vary or put ads on our site? Click here for more info.
Like this post? Please share it! We have plenty more just like it and would love it if you decided to hang around and sign up to get emailed notifications of when we post.
Whether you’ve read our articles before or this is the first time you’re stopping by, we’re really glad you’re here and hope you come back to visit again!
This post first appeared on Your Mileage May Vary
1 comment
Since the email came from Gmail address, you may want to let Google know:
https://support.google.com/mail/contact/abuse