It’s always a good idea to know what to look for in an email that could be malicious. Whether these emails come from someone you don’t know or from a familiar email address, scam emails can occur in three different ways. The emails you should keep an eye out for are spam, phishing, and scams. Here are a few ways to identify each of them and some examples.
Spam is the most familiar of the types of common email scams you might experience. Spam emails are unsolicited emails sent en masse. It’s what we refer to as “junk mail.” Unlike phishing and scam emails, spam is usually sent without the malicious intent of getting you to download destructive software. Instead, they may aim to get personal information from you later on. These “old fashioned” scam emails include chain emails, bogus business opportunities, health scams, discount software offers, and advance fee fraud.
Spam emails often include enticing headlines like “More Money Now” or “This New Diet Will Change Your Life.” Common scams will focus on monetary factors, such as building a better credit score, a work-from-home offer, “free” goods, how to earn easy money, and even investment opportunities. In the body of the email, grammar errors will likely give away the fact that the email isn’t sent from a legitimate organization.
Email services like Gmail have developed ways to identify scam emails based on factors like administrator set policies, empty message content, and unknown sender addresses. But if your spam filters don’t catch the emails, keep an eye out for any email addresses that don’t seem familiar or offers that seem too good to be true. If the scam is common, you may be able to search the web to see if other people have reported it.
Example of Spam Email:
Gmail has already identified this email as spam because it came from an unknown sender and is similar to emails that other users have reported as spam. The “too good to be true” headline and the sense of urgency immediately gives this away as spam. You can also see that the email contains grammatical errors and random capitalization.
Phishing emails are designed to look as if they’ve been sent from a legitimate organization. Their goal is to entice the recipient to click on a link, download an attachment, or provide personal information. Some common phishing scams include fake communications from a bank or IT provider asking for money, or an email asking you to click on an attachment or go to a different site to view a joke, special offer, etc.
Phishing scams likely look like they come from a company you might trust and can even use logos from large companies. Given how sophisticated some of these emails may look, it’s even more important to be able to identify some of the common factors of phishing emails. A generic greeting such as “Hello, Customer” can be one common sign that this email is not from the company it claims to be. Another common identifier for phishing scams is misspellings. For example, the phrase “Eliminate Debt” may be shifted to say “Ĕliᵐińate Ɖebţ” to evade filters but still remain legible. Most scam companies are aware of filters built into email systems, and will purposefully insert spelling errors into their subjects to get past these filters.
The best way to confirm that an email is a phishing scam is to verify with the company from which you’ve received the email. Log in to the official site with your secure information and see if you have received any notifications that match the email or contact a support representative. Don’t follow the links in any email that feels “off” as these links could have malicious software.
Example of Phishing:
This email is an example of a new phishing scheme that appears to be from Amazon. If you received this email and knew that you had not made a purchase, you would likely be tempted to click on the link to cancel the order. When you respond to an email like this, someone will collect your real Amazon login to access your account. Key giveaways for this particular email as a phishing scam are the generic greeting and the phone number which has been programmed with html to hide other characters so that it looks like a legitimate number.
Scam emails are most likely to be received from a person who looks real. These emails often come from an email “hack.” If you received a suspicious email from a real email address, it falls under a hack. These emails will likely be asking for money outright. If you haven’t heard from someone in awhile and they reach out asking for money, that should raise alarms. Scammers could have breached a colleague’s email address and sent you the email. A good rule of thumb is to personally ask your contact or colleague if the email is truly from them using a different form of contact. Do not reply directly to the suspicious email if it can be avoided.
Example of Scams:
This person hacked an email account and looked for any emails that referenced payments to try to get more money from people. To avoid any scams, the recipient texted the sender to make sure that it was legitimate before responding, and when he replied that it wasn’t, changed the password to secure the account.
What to do if you encounter a scam email:
If you receive a scam email (particularly spam), you can take a few actions to help protect yourself and other users.
First, update your spam filters in your email to reflect the spam you’ve seen. You can restrict the users who are able to send email by updating your filters. You can customize your level of security from just filtering our junk mail to filtering out anyone who isn’t on your safe list. Second, report the email as spam. This will let the email provider know to filter out the emails on their entire system. Third, install an antivirus software and firewall on your device to help protect against installing any harmful software received via email.
If you would like to receive more training on email safety or if you have any concerns about an email you’ve received, please call our team at (843) 324-5824.