You get an email from someone you trust with a link. After clicking it, you’re suddenly taken to a website that tries to download and install unwanted files. Sometimes, your screen could be filled with pop-up advertisements all related to pornography.
This scenario is quite common on the Internet, and it may be difficult to keep yourself completely shielded. After all, the message could have been from your grandmother.
Email scams are probably one of the most prevalent forms of nefarious activities on the Internet. In reality, many people have more phishing messages in their inbox than legitimate mail regardless of how careful they are.
If your address is in the wrong database, you could easily accumulate more than 20 messages per day from random hackers looking to steal your information.
In fact, fraudulent email may already be costing your business a lot of money.
Although some of these are insanely obvious to even the most novice of users, many of them look legitimate. However, most of these email scams have telltale signs you can watch for to determine if they’re true or not.
Here are my five practical tips everyone can use to protect themselves form being a victim.
1. Does the message call you by name?
Most of the time, scam artists don’t really know a person’s name based purely on email. Lists of addresses are often sold without having a form of identification to match.
If a message is truly legitimate, usually it will include your name. While this isn’t an absolute measure concerning how to differentiate real from scam, you may be surprised by how often it’s a key factor.
Organizations such as PayPal and eBay will always use your name or ID in the message. It will never say things like, “Dear Customer.” In fact, PayPal will use your full name in legitimate emails regarding your account.
Scams don’t include this information for two reasons: a) these people don’t know your name, and b) these messages are often sent in bulk and it’s impractical to change the name in each.
Using your name doesn’t necessarily mean the email is legitimate, though. Sometimes data can be obtained linking your name to an email address and then sold on the black market.
This is why you should also consider the next points when determining if an email is fake or not.
2. Does the “From” email address match?
A lot of seemingly legitimate email will originate from false addresses that appear real. For example, a lot of hoaxes surrounding PayPal will often show the address as “paypall.com” or perhaps “epaypal.com.”
At a quick glance, you might not realize the address is completely wrong.
Unfortunately, the sending email address is easy to fake in order to make it look real. In such an event, you would have to look at the email message’s properties.
If you use Outlook, this is relatively simple. If you right-click the message and then left-click on “Properties,” you’ll see a window with a tab that should say “Details” or something similar.
In this garble of text, you’ll see the originating server. If it says anything other than the address of the message, it could be fake. For instance, a fake email from eBay may come from some server like “@floatingducks.com” or something else that is completely different than “@eBay.com.”
3. Does the message have links?
When at all possible, avoid clicking on links that are directly in an unsolicited email. This is one of the more pronounced ways that malware and information theft occur in these messages.
Although the link may look innocent enough, it could take you to a false page.
Some software will allow you to see the link before clicking on it. For example, Outlook will show you the link in the bottom left-hand side of the screen when hovering over it with your mouse.
If you get a message from Twitter and the link displayed shows something like “http://bobsmeatmarket.com/twitter.com,” then it surely is a fake.
If the message is from a professional organization, such as a banking institution, type the address in your web browser by hand.
A message could inform you that there is a problem with your account and you need to log in to verify information. If this is true, then you should visit the site by going directly to it through your browser, not through the provided link.
4. Does the message look professional?
Online organizations will rarely use plain text for messages nowadays. However, that doesn’t mean they are legitimate emails. A common email scam will use actual images from organizations to make the email look more real.
PayPal users may receive messages with logos and links which could make the email look identical to the real thing. However, most of these messages will address you as, “Dear Customer,” something PayPal will never do as I mentioned earlier.
Bad grammar is another sign of a scam. Although not everyone has a degree in English, it doesn’t take a college graduate to see poor grammar used in an email from a professional organization.
An example of this is when you receive messages from the FBI that look as though they were typed by a first-grader. This is because not all scams are operated by natives of your country.
What if the grammar is good and the email looks real? Then you might want to consider whether the message is unsolicited or not.
If you get a message with a link to click on to verify your account with a service you never signed up for, don’t click it. Even legitimate organizations can be duped into sending these emails to you.
5. Is the message seeking personal information?
A lot of scams will sound like they know who you are but will ask for your information anyway. This is definitely a red flag.
For instance, lottery scams will say that you won but need your personal info to send a check. If they knew you won, they would already have that information.
You may receive emails from seemingly legitimate sources that need you to “verify” your information in a message. Currently, no organization will ever ask you for this through an email.
Unless you just subscribed to a list or service and need to click the link to verify your address, these are usually fraudulent.
It is safe to assume that no service, whether it’s a company or branch of the government, will ever ask you to send personal credentials through email. These organizations already have your bio and will not need it for “verification purposes.”
Sorry to say that the Nigerian prince who needs your help moving millions of dollars to the United States is more than likely some teenager in his mom’s basement looking to steal your bank information.
Keep Yourself Safe
Email is one of the most often used form of communication for both personal and professional use. Unfortunately, it’s also one of the most prevalent forms of scams and malware attacks.
Be mindful of the messages you open, and never take the content at face value. Although the message may look legitimate, there could be a malicious undertone to the material.