I must admit this sets my spidey spam/phishing/419 scam 6th sense into overdrive, someone wanting to speak to me in confidence by email (for the native French speakers - do I have the translation correct?).
The odd thing though is the originator is putatively the plumber who installed the heating system for the previous owner of the house and with whom I corresponded by email three years ago when I had a problem with the heat exchanger.
I suspect this is not genuine (though it does appear to originate from an orange.fr email account so that bit is not forged). For one thing it just feels like spam, for another the plumber did not presume to use “tu” the last time we corresponded, for a 3rd there is a subtle difference between the email address on the plumber’s website, which was also used in our correspondence in 2015 and the address from which the above email was sent.
I have replied, just in case it is genuine, but remain suspicious - anyone care to lay a bet as to how it is going to pan out?
I reckon someone has hacked the plumbers email account, BTW
It wouldn’t stay confidential long if anything you wrote got onto his hard drive as you would have no control over its accessibilty by third parties, however tightly his lips might be sealed.
It would be an absolute no-no for me, Paul, and I would give him a wide berth.
What I have given away just by replying is that my email is valid - this is itself useful information to a spammer but I get so much spam I don’t think that really matters. Fortunately I have pretty good filtering (I run my own email server) so almost none of it gets through to my inbox and the rest is trivially easy to spot and delete (occasionally I throw it back at the matching algorithm so that it can learn that it is spam). The most harm might be that the spam filter has to work a bit harder.
We will see if he replies.
The article that Elisabeth linked looks worth a read but it’s long and in French so it will have to wait for now, I got the gist with a quick glance. I’m fairly familiar with scammer’s techniques in English but working in a foreign language is much, much harder so it is worth knowing the common ploys.
One thing I can say though is that fake technical support seems to be on the rise so if anyone phones claiming to be from Microsoft or your ISP or anyone else who has “detected a problem with your computer” tell them to **** off and if visiting a website produces a pop-up message to the effect that your computer has a virus do not be tempted to call the number - get a local tech, preferable with references, to check thngs out if you are really worried.
Paul… only a question… using your email address… is it possible for a hacker to gain access to your address book and send a similar fake message around ???
That depends - from my email address probably not, but most of us have email addresses with one of the large ISPs or providers such as gmail so if I know someone has an orange.fr address that gives me a route in to guess or hack a password - that is one reason that strong passwords are a must. Of course if someone hacks the system generally and manages to download password data it doesn’t matter how strong they are.
What is trivial is to send email which appears to be from someone else, to spot that you need to be able to read email headers; normally hidden from view but containing a wealth of information about how the message travelled through the internet to reach you.
Spammers commonly spoof the originating address where the message has a link so they don’t actually expect a reply to the email. They also very frequently use the same email list to randomly put a real email address on the message - then when people reply to complain, or email systems generate messages for non-delivery it is not the spammer which gets all the crud but some poor unsuspecting indiviual on the 'net. This is called back-scatter and has happened to me once or twice.
In this case the “correct” email address is in the form m______.m______@orange.fr and the one I received as m_______m_______@orange.fr - it’s possible Orange considers these to be the same - gmail does and I seem to recall some scam involving gmail addresses which differ by just a dot but can’t recall the details for the moment.
If I get a reply I imagine it will be obvious whether it is genuine but if so it is a very odd way to start a conversation.
Countless times in recent times I’ve fallen on hard times in Brussels, Berlin, Hong Kong, Istabul, Madrid, Cape Town, Manila, Famagusta and Ho Chi Minh City, losing my luggage, passport, wallet and mobile phone all in one fell swoop.
I emailed my friends for help, overwrought and helpless, using an internet cafe whose proprietor gave me free access to a computer and a cup/glass of sweet jasmine tea/strong Turkish coffee/Dunkelbier/ouzo and a friendly hand on my shoulder.
All my friends sent funds immediately by Western Union to get me out of an awful scrape, and nobody ever asked me to repay their kindness, which is why I was able to develop a lucrative career by hapless travel around the globe! I’ve now retired and have a part-time consultancy, with offices in Accra, Lagos and Timbukhtu.
Basically its free advertising - the response rates are fractions of a % but when you send out millions of emails that’s all you need.
Mostly my spam box is full of offers of romance miracle cures for various common health problems and offers to enhance certain parts of my anatomy. There are quite a few people who want to send me invoices and payroll data as well.
But some of it is really much more sinister - particularly so called spear phising where someone (usually board level with a budget) is specifically targeted.
Ha ha Peter… I got an odd email from my young brother some years ago… I knew he was travelling, but not sure where…
An odd email arrived saying he was now in Malta and had lost his wallet (you know the story)… and would I please send … blah blah blah…
It was odd, because the phrasing wasn’t bit as he would have written it… so I phoned one of his friends to check if Malta was on the itinerary… and… of course… it was not… he was not in Malta, he was in Denmark… phew…
But it was spooky… how the fake story detail… almost fitted in with real life… and it was his email address …
Many others got the same message… but none sent money… that’s friends for you…
There was an experiment where someone wanted to demonstrate how horoscopes work - possibly James Randi - he asked each of a class of 30 or so what their birthday was and then, later, handed them a sealed horoscope. Afterwards he canvassed the class to see how many thought the horoscope “true” - quite a lot did.
Then came the reveal - he had given the same horoscope to the whole class.
In short if you send out a load of emails claiming to be someone’s brother stuck in Malta some would land with people who’s brother was travelling and maybe even near Malta.
Unfortunately I don’t think I have any way of telling the plumber his email account has been hacked. My French isn’t good enough to call him and I can’t trust his email address.
I suspect the whole of his address book have been contacted (that’s what happened with the ComCom President)… so he will know by now…someone will have mentioned it…
and it was his email address … 
