So I pulled up this website, https://larkine.shop/ when I was looking for Lark in the Morning and its got the Lark In The Morning Logo. Pull up this site yourself to check it out and rather you think it is legit. In the past I would pull up the California website every now and again to see what they have
Anyhow this website looks like a scam. It says it is based out of Camden SC and provides an email, “ggjude@gmail.com” as well as an street address. The site advertises different Instruments and shows all of them as being on sale with very big discounts. Its got the logos of all the various payment methods you would care to use. Does anyone know about this website ? Looks a bit shady as I don’t see it mentioned on the California Lark In The Morning website
Lark In The Morning is closed on Mondays, but I’ll call the Phone Number from the Store Number on the Website Ive used in the past.
Man, if you can’t trust folk instrument sites, who can you trust? That takes some work to do…
Eric
The WhoIs results are here:
https://uk.godaddy.com/whois/results.aspx?itc=dlp_domain_whois&domain=https%3A%2F%2Flarkine.shop
The anonymous domain name owner appears to be in Iceland (assuming WhoIs uses Alpha2 codes). Which sounds odd for a US company, though it might not be. The only other geographical info is ‘Capital region’, and both the USA and Iceland appear to have one of those.
The website looks VERY suspect. They don’t post the manufacture name of bamboo flutes. Extreme discounts, but who can verify the posted normal price as legitimate,
and what is the quality of the products, besides tourist trash?
The photos of the flutes don’t look anything like quality bamboo flutes from India. Ouch.
The whole thing looks like a cheap importer trying to fake out people who are easily fooled. “SCAM” importers.
If they are scam artists, if you contact them, their response will be sure BS: what you want to hear, it won’t help, and they won’t tell you
anything legitimate about the products or prices, just fluffy sales talk.
If they are the type of supplier who commonly deals with tourist gift shops, they don’t care about quality of product, they want to move
volume, the things have to “look” real and that’s it.
Ben – I’m guessing you know this already…but the real Lark in the Morning website is: https://larkinthemorning.com. If you talk with Eric or Thorn (or whoever), probably be good to let them know about this other site, which appears to be fake/scam.
Btw, Lark has a newsletter that comes out pretty much weekly you can sign up for by emailing: harmony@larkinthemorning.com
I haven’t been to the Berkeley store (though have ordered a couple of whistles over the last few years), but ‘back in the day,’ used to visit the shop when it was at the San Francisco waterfront.
stiofan
These days, one has to be pretty savvy about shopping on the internet, particularly since it is so easy for a scammer outside of any type of jurisdiction to set up a bogus shop. A couple of years back, there was a thread in the flute forum of a similar nature (not about Lark In The Morning). There was some online store selling flutes made by myself, Casey Burns and I think Stephan Gabriel among others. They had photos of our work, mostly pulled either from our websites or from the Irish Flute Store website. They weren’t discounted or anything–they simply weren’t our flutes. One C&F member had actually bought one of my Essential Flutes, paying full price. What they received in the mail was more or less a hollow branch with some holes drilled in it! Casey Burns looked into this company a bit and all that really came up was that they were based in Cyprus if I recall–well out of reach of any type of action on the part of the makers or the customers who purchased a bogus flute. Impossible to find out who was really behind this site. I wouldn’t be surprised if they were still doing this (I haven’t bothered to keep track of them–what would be the point?).
Anyway, the moral of the story is obvious–a little due diligence pays off. In the above case, it’s more straightforward because the potential buyer can take a second and e-mail me or the other makers and ask if this retailer is legit. I could have told them that my flutes were not available anywhere except directly from me or the Irish Flute Store.
It’s quite easy for scammers to make a site appear authentic, but a bit trickier to disguise things like their e-mail address. I get e-mails all the time from places like PayPal that look exactly like the e-mails PayPal actually sends to their users. But if you simply take a peak at the e-mail address that it was sent from, it is clearly phony–they can’t actually use PayPal’s address.
Lark In The Morning is a pretty venerable California-based business, and it would be very odd if they suddenly shifted their base of operations anywhere else (especially outside of the U.S.).
It’s quite easy for scammers to make a site appear authentic, but a bit trickier to disguise things like their e-mail address.
Unfortunately, this is not true. It is trivial to spoof the “from” address in an email along with the reply-to and return-path. You can check the routing, “recieved-from”, IP address which may give a clue as to whether an email is legitimate in origin.
You should always be careful following links that ask for logins or financial details, even if the email address “looks right.”
This is interesting. When you say “spoof the from address” do you mean the way the address appears at a glance (in the “from” field)? Because you are right, that is commonplace. In my own e-mail program (just the mail program on my mac), a fake e-mail might indeed mimic a legit site, such as saying the e-mail is from PayPal. But if I click on that field to see the actual address, it never looks authentic. It might say “PayPal” in the “from” field, but when I click it might say bologna@scamnet.com or some such. It never has a legitimate @paypal.com address, for example. If you mean that scammers can spoof the appearance of a real PayPal address (to stick with the example) when you click on that field to see the origin address, then that is troubling. But as I say, I’ve never seen that happen and I get bogus e-mails of all types that look legit on the surface, but none of them have a legit address when you dig into it. Maybe I’ve been lucky?
All the emails with what appears in the ‘From’ field spoofed that I have had in the last few years are as Geoffrey describes. Before that I am not sure.
Whether they are really from the ‘underlying’ email address I am not sure. The only one I have saved purports to be from my ISP but with the email address of a Methodist church 200 miles away. So either the church had their email account compromised or a genuine - but spoofed - email address was used to (successfully) fool my ISP’s spam blocker into letting it through. I am fairly sure the ones I sometimes get showing me as the sender and claiming to have taken control of my email account and (non-existent) web cam also have another underlying email address - otherwise I would have looked at the header rather than just hitting delete.
Maybe the site in the OP only has to get a few paid for orders to have been worthwhile setting up. Say for low-cost accessories where it could have been one of many sites thrown up by search and not looked at too closely.
Yes, I mean the actual email address in the “from” field. SMTP (simple mail transport protocol) does not check or authenticate “from” email addresses in any way. ie. it is trivial to send an email with a spoofed “from” email address.
Why don’t you get so many of these? There are certain factors I think, one is that so many spam emails are sent from cracked email accounts where the unwelcome visitor tries to lay low and not alert the account owner too early. Another is botnets where thousands of Windows machines are co-ordinated in sending these spam emails and, again, the botnet operator wants to lay low and not be noticed by the Windows computer user.
But, in the end, all that you need is a working SMTP server (on any internet connected machine) and you are able to spoof the “from” email address. Yes, someone is bound to mention SPF, DMARC and DKIM, but, without getting too far into it all for this forum, these have to be set up at the domain level, they do not prevent emails actually being sent, and you usually have to search through the header to find whether or not an email has failed to pass the test. eg. strings including the domain name names and “spf=pass”.
What all of this means is that checking the actual email address in the “from” field is often a good indicator … but it ain’t a slam dunk.
Hi, Eric here from Lark in the Morning. I’d just like to confirm that we’re aware of this fake site and have been trying to get them taken down. We’ve now posted a notice on our home page and if you’d like to help out please file a complaint at these websites:
FBI’s Internet Crime Complaint Center - https://www.ic3.gov
Federal Trade Commission - https://reportfraud.ftc.gov
Google - https://safebrowsing.google.com/safebrowsing/report_phish/
Thanks!
Update: I emailed Lark in the Morning about the fake site. They’re aware of it and have been trying to get it shut down, but apparently it’s not a simple thing to accomplish, even though there must be cyberlaws that the faux site has violated.
Once again, the Lark’s real site is:
https://larkinthemorning.com/
stiofan
Update: I emailed Lark in the Morning about the fake site. They’re aware of it and have been trying to get it shut down, but apparently it’s not a simple thing to accomplish, even though there must be cyberlaws that the faux site has violated.
Once again, the Lark’s real site is:
https://larkinthemorning.com/stiofan
My suspicion is that cyberlaws are hard to enforce, at least in many places. That bogus site that was selling my stuff chose Cyprus, I suspect, because they knew that they would be out of reach in terms of legal challenges. Plus they likely count on the fact that going after them would be an expensive and protracted process, and no individual vendor is likely to expend the resources.