Email: some recent scams in my spam box

Self-tutoring about email and computer security: the tutor mentions some recent arrivals.

The following is according to my understanding.

I mention, back in my post from January 19, 2026, a situation in which an email server detected a phishing attempt as spam. Lately I’ve been busy, so I left an email account unchecked since about a week. The spam box – aka, Junk – had some new arrivals that were almost funny, except for being potentially dangerous.

One said I had received some bitcoin – an obvious scam, since I don’t have a crypto wallet. The other one suggested my password to a hosting service had expired. In each case, I was directed to click a link. (Not happening.)

The email sender, in each case, was the same. That was odd, since the two emails referred to services that would be unrelated. I looked up the domain registration of the sender, which I finally found – that’s another story, for a different post.

In each email, the suggested link to follow was to a domain different from the sender’s. Once again, for both emails, the link leads to the same domain, which starts with a v, then has four more characters, then dot sbs.

I looked up the domain registration behind the suggested link. It contained an error that, to me, seemed obvious. More about that situation, hopefully, in a future post.

Likely, the spam checker knew the two emails were scams because of their subject lines. An expiring password warning is typically suspicious; even moreso, a message of receipt of bitcoin. The two unrelated services being referred to from the same email sender, to me, was a big red flag as well.

Source:

apache.org: SPAMASSASSIN: WritingRules