Threat Intelligence Directory
Social Engineering
Fake Lottery or Sweepstakes Winner Notice
Attack Trigger
Unexpected windfall excitement overrides skepticism and rational thinking
What Attackers Want
$500–$5,000 in escalating "processing fees"
How This Attack Works
Victims receive congratulatory emails claiming they have won a lottery or sweepstakes they never entered. To claim the prize, victims must pay "processing fees," "taxes," or "legal costs" upfront. No prize ever materializes.
Red Flags to Watch For
- ✗You cannot win a lottery you did not enter
- ✗Requires upfront payment of fees before releasing winnings
- ✗Asks for your bank account details to "wire the prize"
- ✗Sender requests secrecy to avoid "disqualification"
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- global-lottery-winners.comMALICIOUS
- sweepstakes-prize-claim.netMALICIOUS
- international-jackpot-notify.comMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free