Mr Umesh’s brother received a mail saying that his resume has been selected by Tata Motors. See the screenshot of the mail below (click to enlarge):
Mr Umesh’s brother forwarded this mail to him. Going through the content of the mail, he got a bit suspicious and decided to dig more into it. When the initial enquiries grew his suspicion, he decided to contact Tata Motors directly, and this is the mail he sent them (highlighted in pink are the red flags that raised doubts in his mind- click on the image to enlarge):
He received a reply from Tata Motors within half an hour, informing him that the mail was not genuine. I am not producing that mail here because of legal issues. But the gist of the mail was that there have been several such incidents reported recently, and Tata Motors have informed concerned officials regarding this.
Now that we are aware of this scam, let us see how to recognize such scams.
- If you are looking for a job and you receive such a mail, you’ll obviously feel happy about it. But once you get over the initial sense of jubilation, sit back and think- have you applied to that company anytime in the past? If no, ignore the mail, or better still, inform the concerned organization like Mr. Umesh did.
- The most obvious giveaway should be the grammar. As you can see from the screenshots above, there are lot many grammatical mistakes which you’ll not find in any official communications from reputed companies.
- But what if you had applied to the company and the mail looks grammatically correct? See the sender’s detail in the mail:
The domain from which the mail is sent in this case is directappointhrd.com, which in no way looks related to Tata Motors.
Note: To understand what a domain is and how it is different from an URL, check this article.
- If a company asks you to deposit cash as a security to start the interview process, you should immediately become suspicious. And also what’s the point of working for a company which doesn’t even have funds to arrange interviews !!
- If you are still not convinced, do a whois lookup on the domain used in the e-mail. Whois lookup of a domain tells you when a domain was registered and for how long. (If you are a regular reader, you might remember we did a Whois lookup to get some information on Imcrew scam).
For doing a whois lookup on any domain, go to www.whois.net and enter the domain name there. You’ll get the details of the domain registrar, domain registrant, date when the domain was registered and date of expiration of the domain. The information about domain registrant will generally be wrong for scam sites, so don’t worry much about that. Check when the domain was registered and when it is getting expired. Generally if it is a fraud, you’ll find that the domain has been registered a few months back and only for a year (that is the minimum period for domain registration).
See the whois information for this particular case below:
I hope this article will help you identify such frauds. If your friends or relatives get any such mails, caution them against it. Also, I think police department should gear itself up to tackle cyber crimes. Mr. Umesh informed me that he went to local police station to lodge an FIR, but the police officials there did not give any importance to it.
Mr Umesh should be applauded for thinking logically and taking efforts to bring this to everyone’s notice. If you have also come across any such online fraud, let us know through your comments below or by contacting us.