OK, we all know that spam we get—sometimes spoofed as if from our own email address!—telling us to click on some link.
The other day I got a new sort of spam. It was from a colleague, the subject line was “Are you available in campus,” and the email went like this:
On Feb 9, 2019, at 11:44 AM, ** <**.email@example.com> wrote:
Hello are you there?
with a legitimate-looking signature line with this professor’s title.
Seemed a bit brief, but who knows? I responded when I got the email, several hours later, saying that I was not around right then.
I completely forgot about all this until I received the following email today from a completely different colleague, subject line “Are you on campus,” with the following content:
On Feb 13, 2019, at 4:56 PM, ** <**firstname.lastname@example.org> wrote:
Are you free at the moment ?
Again, the message ended with a legitimate-looking signature line.
This seemed odd, so I checked the emails carefully and noticed that they were not the actual emails of these two colleagues.
OK, so it’s some sort of scam. But, as is often the case, I can’t figure out the plan. I’m gonna respond to this email and then . . . what, exactly? I mean, whoever’s doing the scam already has my email, so what do they get out of me responding to some fake address?
I can’t figure this one out.