Ask Dave Taylor
  • Facebook
  • Instagram
  • Linkedin
  • Pinterest
  • Twitter
  • YouTube
  • Home
  • YouTube Videos
  • Top Categories
  • Subscribe via Email
  • Ask A Question
  • Meet Dave
  • Home
  • Spam, Scams & Security
  • Did I Really Just Win $500 from Venmo? [No, You Didn’t]

Did I Really Just Win $500 from Venmo? [No, You Didn’t]

October 22, 2021 / Dave Taylor / Spam, Scams & Security / 2 Comments

Just got an email that I’m a bit suspicious about, Dave. The subject is “$500 Venmo balance needs confirmation.” Normally I would ignore these, but Gmail is saying this one’s from a trusted sender. So is it legit?

I’ll make this short and sweet: No, the email with the subject “Venmo balance needs confirmation” is not legit, it’s a phishing scam.

But let’s dig into it a bit more, because it’s good to be able to cast a skeptical eye on these sorts of messages and learn about some of the great online tools that can help you stay safe online. To start, any email can be spoofed to appear like it was sent by anyone from any domain. For example, I could send you an email from “president@whitehouse.gov” without much hassle. There are forensic clues that it’s spoofed, but if you’re not paying attention, you could fall for it.

Same with the notification from Google that “This message was sent from a trusted sender”. Google’s pretty savvy so that’s not an easy one to fake out, but what if the email itself contains that line, mocked up to look like it’s part of Gmail? With over a billion active Gmail accounts, it’s a safe bet that most of their intended victims are on that platform too.

Let’s start by looking closely at the email itself. Since it’s a popular spam message, it’s no surprise that I too have a copy in my own inbox.

“VENMO BALANCE NEEDS CONFIRMATION” SPAM EMAIL

Mine looks like this:

venmo cash confirmation spam email message

One thing they’ve gotten right is to offer a small amount of money. We’re more likely to follow a trail offering a small and rational amount of winnings than millions or tens of millions. $500? Maybe, just maybe, it’s legit!

Look closely and you can see the green bar along the top saying “This message was sent from a trusted sender.” Digging into the email message reveals that it’s actually part of the message, not a confirmation from Google. For fun, here’s that same code embedded into this page:

-This message was sent from a trusted sender.

Seems legit, right? Nope.

What’s better to search for on these email messages are typos. Since most spam comes from overseas, it’s common for there to be odd spelling errors or grammatical hiccups. Here there are at least three. Can you spot ’em?

IDENTIFYING THE TARGET URL DESTINATION LINK

Most modern email programs will give you a preview of the URL you’d visit if you click on a link, and hovering the cursor over that big blue “Confirm” button offers just that in Gmail:

venmo spam email - finding the url link

It’s a bit small, but the URL starts with https://bit.ly/3Bs1Dg7…

This is your second red flag: Any real email from a legit company like Venmo isn’t going to be hiding the destination URL with the bit.ly URL shortener. I know, this isn’t purporting to be “from” Venmo, but keep reading…

Can you expand it without actually clicking on the link? Yes, you can!

I’ve written about how to expand shortened URLs before, but we’ll just do it again here. Copy the URL without clicking on it with a right-click on the button:

venmo spam email - copy url link

Now we’re ready to find out more about that destination…

HOW TO EXPAND A SHORTENED URL WITHOUT CLICKING ON IT

There are a number of different services, and any bit.ly URL can be expanded automatically by appending “+” to it. I like the site ExpandURL. It prompts for a shortened URL:

venmo email cash scam email spam - expandurl

Don’t worry about the explanatory text here, just notice that there’s an input box and an “EXPAND URL” button. Paste in that URL you copied off the button and click.

venmo email cash scam email spam - expanded bitly url

A ha! So this shortened URL expands to “newslettersoff.me”.

Okay, so what’s that domain all about? You can find that out too…

HOW TO IDENTIFY REPUTATION OF AN INTERNET DOMAIN

One easy tool is to just use your favorite search engine. I’ll do that with Bing, searching for “whois newslettersoff.me”:

venmo email cash scam email spam - whois newslettersoff.me

A report on Norton Safe Web is ominous. You can jump to the Norton Safe Web site directly, if you want to sidestep this search step, by going to safeweb.norton.com. Here’s what it reports:

venmo email cash scam email spam - warning untrusted site

“This is a known dangerous web page. It is highly recommended that you do NOT visit this page.”

I’m pretty sure that’s enough to convince you that this isn’t anything legitimate or trustworthy. You’re not getting $500 via Venmo or any other channel. Sorry.

WHAT IF YOU CLICKED?

Turns out that most of the modern Web browsers would protect you if you did get suckered and click…

Warning: This site has been reported as unsafe

And if you had a browser that didn’t offer up any protection (probably time to switch, if so), here’s where you’d ultimately end up:

venmo email cash scam email spam - landing page - win a venmo gift card

So what’s going on here? Well, surprisingly, it’s not asking you to “log in to your Venmo account to confirm your winnings”, as I expected, but it’s still scammy; you share your email address, they then sell it to list harvesters and you get MORE spam and scams. After all, this one worked, why wouldn’t others work on you too? Ugh.

Note: If you’re curious, Venmo has an informative page about Common Venmo Scams. Worth a read.

The long and short of it is that vigilance and skepticism are your best defense in an age where spammers can be using AI-based software and build intricate paths to protect their identity. You haven’t won a trip, that anonymous beautiful woman doesn’t want to spend the night, and you’re not going to get millions from a disaffected member of the military or foreign widow!

Pro Tip: I’ve been writing about online scams for many years. Please check out my spam, scams and security help area while you’re visiting. Thanks!

About the Author: Dave Taylor has been involved with the online world since the early days of the Internet. Author of over 20 technical books, he runs the popular AskDaveTaylor.com tech help site. You can also find his gadget reviews on YouTube and chat with him on Twitter as @DaveTaylor.

Let’s Stay In Touch!

Never miss a single article, review or tutorial here on AskDaveTaylor, sign up for my fun weekly newsletter!
Name: 
Your email address:*
Please enter all required fields
Correct invalid entries
No spam, ever. Promise. Powered by FeedBlitz
Please choose a color:
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!
email scam, identify spam, venmo scam, venmo spam

2 comments on “Did I Really Just Win $500 from Venmo? [No, You Didn’t]”

  1. sef says:
    December 15, 2021 at 4:56 pm

    Thank you, I already received that letter to my email. I saw word that this mail is trusted even though it was automatically put in the spam list. I was just going to click on the link. But I backtracked, blocked the mail sent from him, and deleted the message.
    I receive a lot of similar messages. I would like to ask why do I receive such messages and where did they get my email from? This is really confusing. Is blocking mail and deleting the message enough?

    Reply
  2. mrk says:
    December 8, 2021 at 12:00 pm

    look at the bottom to opt-out
    chick her
    her? who’s her?

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • How to Check Energy Recommendations on your Windows Laptop
  • How Do I Customize New Tab Windows in Safari for Mac?
  • Can AI-Generated ChatGPT Text Be Accurately Identified?
  • How to Perform a Microsoft Account Security Audit and Checkup
  • How Can I Customize My Linux Dock / Taskbar?

On Our YouTube Channel

How to: Replace a Switchbot Door Sensor Battery

EMEET Luna vs INNOTRIK Studio Bluetooth Speakerphones -- DEMOS & REVIEW

Categories

  • AdSense, AdWords, and PPC Help (106)
  • Amazon, eBay, and Online Shopping Help (163)
  • Android Help (226)
  • Apple iPad Help (147)
  • Apple Watch Help (53)
  • Articles, Tutorials, and Reviews (346)
  • Auto Tech Help (15)
  • Business Advice (200)
  • ChromeOS Help (31)
  • Computer & Internet Basics (778)
  • d) None of the Above (166)
  • Facebook Help (383)
  • Google, Chrome & Gmail Help (188)
  • HTML & Web Page Design (247)
  • Instagram Help (49)
  • iPhone & iOS Help (623)
  • iPod & MP3 Player Help (173)
  • Kindle & Nook Help (99)
  • LinkedIn Help (88)
  • Linux Help (173)
  • Linux Shell Script Programming (89)
  • Mac & MacOS Help (911)
  • Most Popular (16)
  • Outlook & Office 365 Help (33)
  • PayPal Help (68)
  • Pinterest Help (54)
  • Reddit Help (19)
  • SEO & Marketing (82)
  • Spam, Scams & Security (95)
  • Trade Show News & Updates (23)
  • Twitter Help (220)
  • Video Game Tips (66)
  • Web Site Traffic Tips (62)
  • Windows PC Help (947)
  • Wordpress Help (206)
  • Writing and Publishing (72)
  • YouTube Help (47)
  • YouTube Video Reviews (159)
  • Zoom, Skype & Video Chat Help (62)

Archives

Social Connections:

Ask Dave Taylor


Follow Me on Pinterest
Follow me on Twitter
Follow me on LinkedIn
Follow me on Instagram


AskDaveTaylor on Facebook



microsoft insider mvp


This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to our terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. Our lawyer says "Thanks for your cooperation."
© 2023 by Dave Taylor. "Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.
Privacy Policy - Terms and Conditions - Accessibility Policy