Back in December, I got an email from someone claiming to be Team Cherry, the developers of Hollow Knight. This "marketing liason" was offering me early access to the sequel/expansion, Silksong, to review.
A friend with connections to the game press quickly pointed out that the real Team Cherry wasn't sending out early access review codes and that they were actually warning users about impersonators on their "Contact Us" form. The email I received was a scam from someone looking to infect me with malware and/or steal my identity. (I wrote a twitter thread about it here)
About a month later, as I was wrapping up work on my "Definitive way to Play Sonic Adventure 2" video, I received another email, this one claiming to be someone from Frontier Foundry asking to sponsor an upcoming video for the release of "Deliver Us Mars." I told them I already had a sponsor for the Sonic Adventure 2 video, and after I was done, I was planning on taking a holiday. They got weirdly pushy with me, saying I could "make a short video" and put the brand deal there. I was too busy finishing the SA2 video, so I ignored them and moved on.
Now another month later, I find myself finishing a quick little video and thinking about that Frontier Foundry offer again, but upon looking at it with fresh eyes, it also was a clear and obvious scam. Just like with the fake Team Cherry offer, the person isn't listed as an employee at Frontier Foundry, the email they sent the offer from seems to be a personal email address that doesn't match who they said they were, and the "Contract" they tried to force on me was a huge Google Drive zip file that was password protected to prevent me from seeing what was inside before I downloaded it. The fact that they were so pushy with me suddenly started making a lot more sense.
As icing on the cake, I tried to ask the person for proof of identity, and in the month+ since we last talked to each other, their email address has been forcibly closed by Gmail.
If you're an up-and-coming content creator, please be careful and be aware of tactics like this. It's easy to get starstruck by the idea that you're special enough to get picked for a sponsorship deal or an exclusive beta, but always research WHO is sending you that email and NEVER be afraid to ask for proof of identity. Go over their heads and check with the employer they claim to be from if you need to.
Be smart, protect yourself, and stay safe out there.
Just got another one, this one claiming to be PR for Mundfish, developers of Atomic Heart.
The email is attached to a .info site, registered through NameCheap. The official website is mundfish.com, and was registered via GoDaddy. I have already reported the .info site to NameCheap's legal department for investigation.
Note that they want to send me a script to read, which, like the Frontier Foundry Google Drive link, would probably be the malware infection vector. Again, having done actual brand sponsor deals now, I know exactly how this goes -- for my SNHU read, the brand worked through a dedicated management company that had a professional website setup that hosted stock footage for me to use in my ad read. They were adamant I wrote and personalized my own script.
Everything was above board and plainly visible. There were no password encrypted zip files. I always knew exactly what I was downloading. Nothing was ever hidden, suspicious, or aggressive.
I don't want to be paranoid, but, I'm also noting the fact this is from a "James" with no last name attached. The first two attempts gave me a last name, making it easy to look up and verify if they were an employee. By just saying "James" they can cast a much wider net and make it less obvious they aren't employed where they say they are. Given that these don't seem to be coming from an automated bot and are the work of a human person that seems to be targeting me with a specific angle, I do wonder if maybe they've seen my posts about this and are trying to make it harder to verify their identity.
That being said, according to LinkedIn, Mundfish does not employ even a single James.
Unlike the first two, where I wasn't really paying close attention and accidentally initiated a conversation with these people, I have no intention of replying to this doofus.