Few days ago I have got an email that indicated that I won a green card. It looked strange since I never posted registration forms though.
The story begins - First Mail from USAFIS which includes an "intro" for a mail that I should receive from the US government, see the email content in the following image:
Few minutes later I have got a mail from "firstname.lastname@example.org" which indicated that I won the green card and the only thing left is to pay a 880$ fee. See screenshot below:
These emails looked strange from the following reasons:
1. No contact details in both emails.
2. I never filled a form for getting a green card (should I?)
3. As far as I know - USA is a governmental site, which means that it should be ended with .GOV instead .COM
Therefore I decided to investigate this potentially fraud. Each solution for a mystery begins with one small step - Who are USAFIS? Did they sent me the email? In order to get the answers, I sent reply email with question about the winning. The reply that I got is an automatic reply which indicated that the information can be found in the second email that I have got, see screenshot:
OK, It was not enough for getting the information that I mentioned to get, therefore I googled and found the web site of usafis. I sent an email to the helpdesk and asked if I won the green card. As response I got the following email which tells me that it was a fraud:
Note: The real email from USAFIS comes from USAFIS.ORG, where the fake comes from POST.COM domain.
As for the .GOV/.COM issue, I executed whois query and found the following info about usa.com domain:
If I ran the same query on USA.GOV, I would not get any information.
In conclusion, please note the emails that you read and verify (as far as you can) the identity of the sender.