I Wrote About Email Infrastructure and Immediately Unlocked a New Achievement: Suspicious Emails.

• The Red Flags Started Appearing
• Why My Scam Radar Started Beeping
• A Message to "Healer"

I had barely finished celebrating my first article on Dev.to when the internet decided it was time for the next lesson.

Less than 24 hours after publishing a story about email infrastructure, I received an unexpected email from someone called "Healer".

According to the message, I had been selected for an excellent business opportunity and the chance to earn significant supplemental income.

The red flags started appearing

The day after publishing my first article, I received an email and for a short moment, I felt great.

Wow, someone read my article. Maybe they liked it. Maybe this is the beginning of my writing career.

Then I actually read the email. The excitement disappeared surprisingly fast. The message was so generic that it could have been sent to literally anyone who had ever published anything on Dev.to. There was no mention of my article, no mention of the topic and no indication that the sender had actually read a single word of what I wrote. Then I noticed the link. And that started a whole new chain of thoughts.

If this is a business proposal, where is the company name?

Why is everything so mysterious?

Why does this sound less like a professional email and more like the beginning of a side quest from a suspicious NPC?

Maybe it was a legitimate opportunity. Maybe I was to miss the deal of a lifetime, but I wasn't brave enough to open a random link from an email that looked this suspicious, so I did what any reasonable developer would do. I closed the email and immediately started thinking:

"Wait a minute... this would make a fantastic article."

I wasn't planning to write anything new for at least a month. Apparently, the internet had other plans. A few hours later, things became even more interesting. I received another email. Not from the same address, but it seemed very likely to be from the same person.

The entire message contained just one sentence:

"Please, why are you not replying to my emails?"

Why my scam radar started beeping

Let's take a look at the email and go through it step by step to see what immediately caught my attention.

1. Why email is so suspicious

For obvious reasons, I'm not going to publish the real email address.

it's looked like:

impostor24323433242@gmail.com

(Disclaimer: this is a completely made-up address. If it accidentally belongs to a real person, then apparently my random number generator needs some work.)

2. Why email content is so generic

The next thing that caught my attention was the content itself. There was no mention of my article, no reference to the topic and nothing that suggested the sender had actually read it.

It's look like this exact same email could have been sent to anyone who had just published a post on Dev.to and linked a GitHub profile.

3. And finaly link to docs

Surprisingly, the link itself don't look suspicious. It pointed to Google docs and the domain appeared to be a legitimate Google domain. At first look, there was nothing obviously dangerous about it. What made me uncomfortable was not the domain itself, but the fact that the email provided almost no information and expected me to click a document to learn more. Maybe it was a perfectly legitimate proposal. Maybe it contained details about a real business opportunity or maybe it contained more links leading somewhere else entirely.

4. And finaly again: Who sends a follow-Up email after less than three hours?

After few hours i recived one more mail with conent:

"Please, why are you not replying to my emails?"

And why was this email sent from a different address than the previous one?

A message to "Healer"

Dear Healer,

If this was a legitimate business opportunity, then I owe you an apology.

Unfortunately, an anonymous Gmail account, a mysterious Google docs link, a promise of significant supplemental income and a follow-up email after less than three hours activated every security-related neuron in my brain.

So if you're not a scammer, a phisher, or the final boss of a cybersecurity awareness course, please consider this article friendly feedback.

Next time, try adding:

• your name,
• your company,
• a few details about the opportunity,
• and perhaps slightly fewer mystery quest vibes.

Further reading

If topic is important for you, I highly recommend reading the articles below:

• https://www.fortinet.com/resources/cyberglossary/solarwinds-cyber-attack - One of the most famous supply chain attacks in history. A fascinating example of how attackers can compromise trusted software and gain access to thousands of organizations.
• https://www.cloudflare.com/learning/access-management/phishing-attack/ - A practical introduction to phishing, common attack techniques, and the warning signs that should make you think twice before clicking a link.
• https://dev.to/tymoteuszgluch/how-i-accidentally-learned-email-infrastructure-while-trying-to-avoid-a-sendgrid-bill-5e6a - The prequel. Before the suspicious emails started arriving.