Phony subpoena? Scary phishing message?
Asked by
Jeruba (
56032)
April 30th, 2016
I received an e-mail telling me that I’m subpoenaed to appear in court in my city next week. It contains several errors, and I can’t find the sender’s name or the supposed judge’s name in local online sources.
It doesn’t tell me what the summons is for but speaks of “your case” and alludes to a website that I own. There’s no indication of whether I’m supposedly on the plaintiff or defendant side or what I might be asked to speak about; there is a presumed case number that doesn’t bring up any results on Google.
Do genuine subpoenas ever come by e-mail? Must they be served in person? Is there certain information that they must contain? What kind of tipoff can I rely on to say that this is bogus and I can ignore it?
I’m sure I sound naive. I know enough to disregard threatening phone calls from speakers with Indian accents who say that the IRS is going to sue me or that my Windows computer is calling for help. But I’ve never seen one like this before, and yes, it does scare me.
There’s an 800 phone number, but I’m not calling it. When I googled it, I didn’t get a direct hit, but a group of numbers came up in sites whose Google snippets include a lot of Chinese characters.
If it is phishing, what could the sender be after? How would this ruse accomplish it?
Observing members:
0
Composing members:
0
10 Answers
LOL no. They can not be served by email.
The ruse could be to simply check if the email address is valid so they know you will read the flood of spam that is incoming.
Subpoenas need to be delivered in person by a qualified process server who can attest that the message was delivered to the person who is supposed to receive it. Email doesn’t qualify. There are too many uncertainties: someone else could have access to your email and see the message but fail to deliver it to you; you could be traveling at the time that the email is received and incapable of changing plans that quickly, or the email could be sent to a spam folder by a mis-applied filter.
No, you won’t receive a “real” subpoena by email. In fact, a phishing attempt that devious should be reported to whoever owns the email domain from which it was sent. The usual address for that terminal is: abuse@domainname-dot-com. If there’s action to be taken, that’s where it should start.
Additional: If you think that it’s from a foreign domain where they may not take action, you should feel free to report it to the FBI, too … for whatever good it’ll do.
Bad spelling or grammar is a huge flag in any “official” email. The use of three or four different fonts is another. Good ones have the correct government agency’s logo embedded in the email.
One of the more popular scams is for the “subpoena” to state that you are being sued and that the pertinent court documents are attached. When you open the docs, you’ve just introduced malware—or worse—into your computer.
A twist to this is that you must go to a certain site to get the pertinent court documents. When you go to the site, malware is dumped into your computer.
Business people are favorite targets. As a domain owner, you may be seen as a business owner.
These emails are masked to be some government authority, such as subpoenas, so people will automatically open whatever is attached. The scam, evidently, is quite effective:
“Thousands of high-ranking executives and small business owners across the country have been receiving e-mail messages this week that appear to be official subpoenas from the United States District Court in San Diego. Each message includes the executive’s name, company and phone number, and commands the recipient to appear before a grand jury in a civil case.
“A link embedded in the message purports to offer a copy of the entire subpoena. But a recipient who tries to view the document unwittingly downloads and installs software that secretly records keystrokes and sends the data to a remote computer over the Internet. This lets the criminals capture passwords and other personal or corporate information.
“Another piece of the software allows the computer to be controlled remotely. According to researchers who have analyzed the downloaded file, less than 40 percent of commercial antivirus programs were able to recognize and intercept the attack.”
I was getting a lot of those for a while, about a year or two ago. Lots of court cases, tickets for places I’d never been, no details, sketchy details, bad English. I put each into the spam folder so that they stopped coming, eventually.
Never open any attachments if any out of curiosity as pointed out by someone. It can be malware or more harmful than that. Mark / Report it as Spam category.
Ignore the email…delete it and run a malware scan and then have a fudge sundae
We got an email warning about this one at work last week. No, they don’t send subpoenas by email.
Thanks, everyone. Perhaps I wouldn’t be so nervous if there hadn’t been so much court business in my life already during the past year. It makes my heart race even when a document with the county logo on it comes in giving notice of a planned construction project. Still not quite breathing easy about this, but I believe you.
@Jeruba: The spammers and scammers count on people being terrified of court, legal action, the threat of someone showing up at their door, humiliation, etc.
For me, what really did it was I realized that these “courts” would in no way know my email address, so that was the end of my fear.
Well, that would be reasonable, @jca, but I had to put an e-mail address down as domain name owner. The red flag to me was that both of those things appeared in one message, whereas normally they never occur together.
I don’t assume that anything anywhere on the Internet or in the cloud is secure, nor anything on my own computer. I don’t believe most of us have the least idea how exposed and vulnerable this technology makes us.
Answer this question
This question is in the General Section. Responses must be helpful and on-topic.