Is it a scam?

CourseVector’s team of security experts receives scam emails almost daily. We know it is becoming more difficult to tell the difference between scams and legitimate email requests. If you are in doubt about any email that you receive, forward it to and one of our technicians would be more than happy to provide you with comments and recommendations. This is free to all CourseVector and PA State Association of Boroughs accounts.

We want to help you become savvy to what is a scam and what is a legitimate email. Below, you will find examples that we or our clients received.

Email Add Recovery Number

Another dangerous scam warns users that if they do not add a recover phone number to their account all of their data will be deleted. Many companies use two-factor authentication as an added layer of security. Legitimate companies will not threaten you with data deletion, though.

If you do decide to click through to add an account recovery number from the bogus email, it will take you to a fake login screen. They will then collect your credentials for use at a later date.

Read more about this email scam and see images of the scam here.

Manage Your Undelivered Email Scam

This Outlook scam sends an email claiming that you must decide what to do with undelivered mail. The subject line might be something to the effect of: “Notifications | undelivered emails to your inbox” and pretends to be a list of email being held on the server for you. You must click through and decide what to do with each message in the list. But, when you click a message, you are taken to a bogus login screen. Your credentials are saved by the scammer to be used at a later date.

With this scam, the fake login screen is hosted on the scammer’s server. The URL is obviously not a Microsoft URL.

For more information, or to see examples of this type of email, click through to the Bleeping Computer article.

Domain Name Scams

Many domain name registrars send out notices, and bills, even though you do not have your domain name registered with them. Worse, they tend to charge more money, and, sometimes they can tie up your domain name to the point where you end up losing it or paying an extraordinary sum of money to get it back.

For most clients, your web site included a domain name and is included and paid for with your annual fee. If you get a domain name renewal notice or bill, please do not renew or pay without checking with contacting us. We will be happy to assist you in whatever way we can.

For the record, a domain name should only cost approximately $12. Normally, the companies that send out notices charge significantly more.

Following are examples of domain renewal notices that are not legitimate. We will be posting more as we can.


Notice that when you mouse-over the payment icon, the link does NOT go to GoDaddy, or even to PayPal.

Service Blue

Service Blue domain name scam

Web Domain Listings

Web Domain Listings domain name scam

Domain Listings

Domain Listings domain name scam

Domain Registry of America

Domain Registry of America domain name scam

No Company Identified

no company listed for this domain name scam


Email Hacked Scam

There has been a sharp increase in the number of “your email has been hacked” scams circulating lately. These emails are a scam. No one has control of your email or computer. Should you receive one of these, delete it. Do not reply. Do not pay.

Email Sign Up Form

Amazon Email Scams

It is commonplace to see several emails in your inbox from Amazon. However, make sure that they are legitimate before clicking on them!

Amazon explains that fraudulent emails often contain:

  • An order confirmation for an item you didn’t purchase or an attachment to an order confirmation

    Note: Go to Your Orders to see if there is an order that matches the details in the email. If it doesn’t match an order in Your Account, the message isn’t from Amazon.

  • Requests for your username and/or password, or other personal information
  • Requests to update payment information

    Note: Go to Your Account and select Payment options. If you aren’t prompted to update your payment method on that screen, the message isn’t from Amazon.

  • Links to websites that look like, but aren’t Amazon
  • Attachments or prompts to install software on your computer
  • Typos or grammatical errors
  • Forged email addresses to make it look like the email is coming from

You can actually report spoofed Amazon phishing emails to Amazon

Job Interview Scam

One place people may not expect to be scammed is during a job interview. However, it happens! Prospective employers are not going to ask you to download anything special for the interview process. If you are asked to download something during a job interview, don’t – especially if you are using a government or employer computer for the interview!

Interview Scam

Receiving Files in a Word Document

As if it’s not difficult enough to tell the difference between a legitimate email and a phishing email, cyber criminals will often steal logos from real companies to make their scams look real. How do you keep yourself safe? Companies like Norton and TripAdvisor won’t send you videos or files via a Word Document. Most companies want you on their site or sent standard alert boxes. These types of message will not be sent in a Word Document. If you receive one, delete it immediately.

More information

Team of IT Service Providers

One of our staff recently received an email similar to this. Notice that the grammar is pretty bad and the name of the company is too generic to be legitimate:

All staffs;

We are migrating all personnel email accounts to Staff Outlook 2018 desktop e-mail and as such, all active staff members must check and log in for the upgrade and migration to take effect now. This is done to improve security and efficiency due to recent spam received.

Please all staff 
CLICK HERE  <link removed> Switch to Outlook Webmail 2018 for staff

Team of IT Service Providers,
Outlook Services for Staff and Internet Services
Copyright 2018

Email From Someone Familiar

Sometimes an email comes from someone familiar with an attachment. That doesn’t always mean it is safe. If you are ever concerned with a link from a familiar email address, you can do either or both of the following:

  1. Open it in a sandbox to make sure it does not contain a payload.  If you are not able to do this, ask IT for help.
  2. Follow up with the sending firm (which WAS legit in this case) rather than clicking on anything in the Email.

Enabling Macros

Enabling macros through an application such as Microsoft Word can spread a virus. When you enable something like macros, it allows for the language of the application (in this case Microsoft Word) to reach out to the internet and install a virus. Keep these things in mind the next time you are prompted to enable macros on Microsoft Word or any application for that matter.

WordPress Database Upgrade Needed

Emails are being circulated telling customers that their WordPress installations need to be upgraded. As with many scam emails, there are many grammatical errors. The “Click here” box takes the user to a phishing page, asking for WordPress credentials.

Website Suspension Alert

We received this email from “cPanel” stating that our website was going to be shut down. Now, we know that our website is not going to be shut down because we host and control it. But, should you ever receive a message like this, here are some things to watch out for.

If we host your website, website suspension emails are going to come from CourseVector, not cPanel. But, if you see this and feel panicked, here are some things to look at. They make it seen pretty official with real screenshots of cPanel. However, this is not a screenshot of YOUR cPanel account! If you look closely, it’s a dummy account. Additionally the links are fishy. They do not go to a CourseVector website, which they should since we are the host. When in doubt, contact your website host before clicking on anything!
cPanel site deletion message

PayPal Account Access Suspended


One of our team members received this email, stating that he needed to provide all of his account details on their secure server. There are several ways to tell that this is a scam. The grammar and punctuation are horrible. Additionally, the “secure link” does not go to a PayPal website. But, if you’re in doubt, “To protect yourself, always log in to your PayPal account to confirm the information you received in an email. You can find all your transactions in your Activity page. For any cases such as buyer complaints or limitations, you can find them in the Resolution Center.” (PayPal)

Ready to get started?

"Your passport to all things web."

1 Abbey Lane
Camp Hill, PA 17011
Phone: (717) 516-6955

CourseVector Terms & Conditions
Design and hosting by CourseVector. All rights reserved. Copyright 2019.

To contact us after hours please use the panic button.
Fees may be incurred depending on reason for support.