A few days ago, I received a message that I thought came from my bank’s security department. The email asked me to verify my account information so that my service would not be interrupted. It provided a link which I could click to enter a few details.
The return email address seemed like my bank’s. I looked closely at the logo in the email, and it was identical to my bank’s.
1. They imitate the real thing.
That reminded me of some literary scams which pass themselves off as legitimate. Fake agents may take kickbacks from vanity presses to make it appear that they have sales, or they claim to have “worked with” commercial publishers. Many vanity presses will say they’re not by any means vanity presses – they’re co-publishers, subsidy publishers, traditional publishers, etc.
2. They rely on social compliance.
Society trains people not to question authority. Hustlers exploit this “suspension of suspiciousness” to make you do what they want.
From a presenter of The Real Hustle (1)
I don’t understand a great deal about banking, so I trust whatever my bank tells me. If they say there’s a security problem, I’ll believe them and do whatever’s necessary to have it fixed.
Many writers do the same thing with people or companies whom they perceive to be in a position of authority over them. Literary scammers play on that. They know that many writers find publishing complex at best, and trust their publishers and agents to deal with the intricacies of the business on their behalf. So they’re likely to comply even when faced with requests for money, as this writer did:
…soon after I signed the contract, they called me home and wanted me to pay with my credit card the sum of $49 saying it was necessary to cover the cost for priority production.
3. They cast their nets far, wide and indiscriminately.
I read through the email a second time (it was pretty short) and noticed that it wasn’t addressed to me.
Oh, it began with “Dear my-email-address”, but that’s not my name. Could whoever sent it have just used a mail merge program and a database of email addresses?
There are phishing scams which target specific victims (spear phishing), but many of them will send out such mass, impersonal emails. It provides the maximum return for the minimum effort. The same thing applies to author mills, which rely on churning out content for the least amount of work… on their part, not on the writers’ part. So they accept almost anything, and their correspondence tends to be form-letters or copy-and-paste.
4. They make it easy for you to comply.
To verify my account’s security measures the hard way, I would have had to look up my bank’s phone number, call them and then wait on the line for someone to answer. On the other hand, there was a convenient, clickable link in the body of the email…
If you want a real agent or a real publisher, you may need to spend years honing your skills and more time undergoing the grueling process of submissions and rejections. It can be difficult and disheartening. And even after the book is accepted, the work is by no means over. I spent most of my Christmas break struggling with edits.
But a fake agent or publisher will be more than happy to accept your manuscript as-is, and will do so quickly. They’re unlikely to ask for edits or changes. They will make it very easy for you to be maneuvered into a situation where you end up paying them.
5. They can be defeated with a little research.
I don’t remember where I first read of phishing scams, but I was pretty sure that banks don’t ask you to provide details of your accounts in emails, just as legitimate agents and publishers don’t ask you for money.
So I called my bank and spoke to a nice customer service agent who confirmed that the email was a scam and suggested I forward it to the bank’s actual security department. He also persuaded me to open another account with them, the smooth talker. But on the whole, this story has a happy ending and I hope any writer faced with a literary scam will also deal appropriately with the scammer.
1. Stajano F, Wilson P. Understanding scam victims: seven principles for systems security. 2009 (retrieved April 3, 2010). University of Cambridge. Available at: http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-754.pdf