Posted on April 4, 2017 at 6:00 am
To be clear up front, we have not heard of any scams regarding the Spokane County Library District, or any of our libraries. Also, scammers will use anything they can to get your money. So when we heard of an email scam involving the Seattle Public Library, we thought we’d take this opportunity to help prevent something similar happening with Spokane libraries.
In the Seattle area last month, several people reported receiving scam emails using the email address “joan@seattlepubliclibrary[dot]com” (note: bracketed text replaces the period in the email’s domain name). This email included subject lines about overdue and lost library books. These emails contained a link to sites used to spread malware or malicious software to recipient computers. It’s important to note that more than half of the recipients of this email scam do not have library cards and there has been no breach of security at the library. Scammers are just sending a broad message to whoever takes the bait.
About the real-looking fake email address: most libraries in the U.S. have a website and email that end with the extension “.org”, or “.edu” if affiliated with a college or university. The “.com” ending is the first red flag that perhaps the sender isn’t a library at all. If you are ever suspicious of an email or website link, you can look up the domain at www.whois.com to find out registrar and owner information. For example, the scammer using the email ending in “@seattlepubliclibrary.com” is actually registered as an entity in the Cayman Islands (second image below). Here’s what the actual domain (first image) and the fake domain for Seattle Public Library look like:
To be proactive, here are some things to keep in mind about your Spokane County Library District account:
If you receive an email that doesn’t seem to be from a trusted source:
There has been no security breach of our library accounts, nor does the Spokane County Library District store any payment information. This article was written as a preventative measure to remind all of us to be aware that these email scams, and phone scams as well, will use any means they can to get what they want.