Dissecting a Well-Crafted Creator Scam Email

Creators need to stay constantly alert for channel-killing scams. Here’s a great example of why: I received a very well-crafted scam email from ‘Corsair’ last night. It used assets from Corsair’s actual domain and closely resembled the legitimate emails I’ve received from them in the past — both as a creator and a customer.

On the surface it looks very legit; in fact, the “sender,” Darren Toy, does work for them in marketing. But let’s dig deeper.

The first warning sign was this:

The email wasn’t coming directly from Corsair but through “modernitgen dot com.” I loaded up a cloud VM and visited the website and found it to be a tech school located in India. The school likely has a compromised SMTP server that the scammers were able to exploit, or somebody on the inside there is in cahoots with them.

You’ll also note in the first image that the reply-to doesn’t go to Darren Toy at an official Corsair corporate email address but rather some random Gmail that anyone could put together.

This is just another warning for creators to scrutinize every single request like this. Gmail passed this email straight through because the sending mail server, while likely compromised, was nonetheless trusted at some point.

What would have happened next? Most likely “Darren” would have sent over some malware disguised as a contract that would attempt to steal my login cookies and do to me what happened to Linus Tech Tips back in 2023.

If you’ve ever received a poorly crafted scam email you are likely on a list that scammers use and pass around. The smarter ones put together much more believable versions like what I received here.

I heavily scrutinize every email like this that comes through, going so far as selecting Gmail’s “show original” option to dig through the email headers to make sure it is a legitimate communication. 9 times out of 10 it’s not.
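The header checks described above (a sending domain that is not the brand's, and a Reply-To pointing at a free mailbox) can be scripted against the raw text from “Show original.” This is an added example, not the author's own tooling; the sample headers, every domain in them, the freemail list and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the email described above; all domains are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.school.example>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=mailer.school.example
From: Brand Marketing <partnerships@brand.example>
Reply-To: Brand Marketing <brand.partnerships@gmail.com>
Subject: Sponsorship opportunity

Hello, we would like to work with you.
"""

FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com", "proton.me"}  # illustrative, not exhaustive


def domain_of(header_value):
    """Return the lowercased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def same_org(a, b):
    """Crude alignment check: equal, or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def review_headers(raw):
    """Return a list of warnings for the mismatches discussed in the post."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    reply_dom = domain_of(msg["Reply-To"])
    env_dom = domain_of(msg["Return-Path"])  # envelope sender, i.e. who really sent it
    findings = []
    if reply_dom and not same_org(reply_dom, from_dom):
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    if reply_dom in FREEMAIL and from_dom not in FREEMAIL:
        findings.append(f"Reply-To is a free mailbox ({reply_dom})")
    if env_dom and not same_org(env_dom, from_dom):
        findings.append(f"Sent via {env_dom}, not {from_dom}")
        # SPF is evaluated against the envelope domain, so a pass here vouches for the relay only.
        if "spf=pass" in (msg["Authentication-Results"] or "").lower():
            findings.append("SPF passed for the relay domain, not for the From domain")
    return findings


if __name__ == "__main__":
    for line in review_headers(SAMPLE):
        print("WARNING:", line)
```

A clean result from a script like this does not prove a message is genuine; it only means these particular mismatches were not present.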

Unfortunately mobile email apps lack some of what we need to scrutinize these emails. My suggestion is to never reply from your phone no matter how juicy the offer is. Get back to your desk and do your due diligence before communicating with a scammer.