How to Spot Scam Emails and Avoid Getting Caught Out

The continued rise of email scams and phishing attacks is well documented but there are a few simple things you can do to help avoid becoming a victim

phishing - What is it?

Phishing is defined as “The fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers”

Stay safe

Here are some tips to help you keep yourself safe and not fall foul of the criminals

1. Check the Sender’s Email Address

The senders email address is a good place to start checking. Scam mails will often use email addresses that while they look similar to a legitimate company, but with slight variations. E.g. they might use something like support@amaz0n.com instead of support@amazon.com.

Another common trick is to use a variation of the company they are trying to mimic e.g. support@amazon-verify.com

Always inspect the email address carefully. If anything seems off, be cautious and be aware that in some cases, it’s actually quite easy to show a different email to the one actually used to send the email so this is by no means a failsafe.

2. Generic Greetings can be a giveaway

Many scam emails will have a generic greeting like ‘Dear Customer’ or ‘Dear User’ instead of your name. If you receive an email from a legitimate company you have an account with, it will usually greet you with your name. If an email starts with a vague greeting, it’s another red flag.

3. Be Wary of Urgent or Threatening Language

Scammers will ofter want to create a sense of urgency or fear to prompt you into taking the action they want you to.

They will use content like ‘Your account has been compromised’, ‘Immediate action required, or ‘Respind now to stop your account being deleted’. Legitimate companies typically will not use this kind of pressure. If an email is using language like this it is likely to be a scam so take a step back and assess it and do not click any links within the email.

4. Watch Out for Poor Grammar and Spelling

Scam emails can originate from anywhere in the world so English may not be the scammers first language, leading to noticeable errors in spelling, grammar, and punctuation. This is not a guarantee that the email is a scam, but can definitely be indicators of a phishing scam.

5. Check the Links Before Clicking

A common trick scammers us in emails is to have links that lead to fake websites. These sites are designed purely to steal your personal information.

Before you click any link, hover your mouse over it (without clicking) to see the actual URL (this can be done on a mobile & tablets too but you will need to check how to do this on your particular device).

If the link looks suspicious or doesn’t match the company’s official website, DON’T click it!

If you want to double check, go directly to the company’s website by typing the URL into your browser.

6. Beware of Unexpected Attachments

Scam emails can contain attached files that, if opened, can install malware on your device. look out in particular for .exe files – .zip files should also raise suspicion as these can contain .exe files.

If in doubt, DON’T open an attachment, especially from someone you don’t know. Nowadays it’s not common for legitimate emails to contain attachments unless you’ve specifically requested them.

7. Sometimes things just don't look right

When you receive an email, sometimes there can be things that just don’t look quite right such as logos that are pixelated or just not in the right place, fonts that don’t match the company’s usual style, or poor-quality images.

Legitimate companies, especially larger ones, will more often than not, have their emails professionally designed with quality images and proof read content, so anything that looks amateurish should definitely raise suspicicion

8. Check for the Company's Contact Information

Most scam emails I receive are pretty much copies of legitimate ones and will have the correct contact info etc at the bottom. This is done to convince you that it’s genuine so you’re more likely to click the buttons they’ve included in the email content itself.

If the contact info at the bottom is different to what you’d expect then that is an obvious cause for concern

9. Verify directly with the Company

If you’re still in any doubt about an email’s legitimacy, do not respond to it and definitely don’t click on any links. Your safest bet is to contact the company directly, using a known phone number or email address (not the one provided in the email). This is crucuially important if it’s asking for any sensitive details like passwords, card numbers etc.

In Summary

Unfortunately, scam emails can be difficult to identify, especially as the criminals tactics have become more and more sophisticated. However, by staying vigilant and learning to recognise the tactics used, you can protect yourself from falling victim.

Always scrutinise unexpected emails, be cautious with links and attachments, and don’t hesitate to verify suspicious messages directly with the company.

Once you’ve identified an email as a scam, you can report it but you should definitely delete it!

I hope this has been of some help but please let me know if anything isn’t clear.

Stay safe!