An email is the easiest way for scammers to mass distribute "fake" messages to people, and it takes very minimal effort on their part. Email service providers such as Gmail, Hotmail, and Yahoo! do their due diligence and filter all suspicious emails but scammers are finding new ways to bypass such filters. As end-users, we must do our own due diligence and avoid all scams used by scammers to trick us.
Average user receives 121 emails per day, and 1 in every 101 emails is a scam. This translates to at least 1 email received during the day is a scam. Do you know how to differentiate a legitimate email from a fake? A fake email is a hoax email sent to a specific person (or in mass) to defraud you into doing something you shouldn't. The most popular email scam is phishing which asks a user to verify his credentials on a hoax website pretending to be a real site.
How do you detect a fake email?
We must stay vigilant about protecting our online security, and be able to spot fake emails and protect against phishing and catfishing attacks. We identified 8 number of ways how we can detect scams in an email.
- Trace Email: To fake someone, the person sending an email must appear to be legitimate. For example, if someone sends you an email indicating that your Wells Fargo mortgage account has been compromised, and you must change your password. The first thing most people will verify is whether the email was originated from wellsfargo.com. An email may indeed appear to be coming from firstname.lastname@example.org, but is it legitimate? The email protocol does not verify FROM address, so anyone can pretend to be sending an email from wellsfargo.com or whitehouse.gov. Instead, you'll have to locate email header and trace email to verify source of the email is indeed coming from the Wells Fargo server.
- Free Email: If an email claims to be from a reputable company, and the email actually came from a free email domain such as gmail.com, hotmail.com, outlook.com, or yahoo.com; chances are good that the email is fake.
- Verify URL: To steal your personal information such as username, password, and bank number, a scammer will send you a phishing link in an email. You'll have to closely examine the link before you click on it to ensure that you're not redirected to a malware site. By hovering over the link with your mouse (or right-mouse click and choose to inspect), your email client will reveal the true URL of the link without clicking on it. Make sure the link goes to the site where you think is going, otherwise don't click on it. For example, the same example above may have a link going to wellsfargo.abcxyz.com or we11sfargo.com instead of the real wellsfargo.com. Scammers use look-a-like characters to fake victims by replacing l with 1 and m for rn, for example. If an email contains shortened link or you cannot resist clicking on it, use a site like Unshorten It to reveal the destination site without clicking on it.
- Addressed to BCC: To send mass emails, scammers may send emails to BCC address instead of using TO address. There is nothing wrong with blindly copying you on an email, but if the email is for you there has to be a reason for it.
- Professionalism: If an email came from a reputable organization, it is very unlikely to find any spelling and grammatical errors. Most scam emails originate from foreign countries where English is not their primary language, and the email usually contains some errors.
- Too good to be true: If you received an email asking you to cash a large sum of money or big rewards for a small favor, it's likely a scam. Scammers use high-priced lottery winning or offering a job that you didn't apply for to get your attention. If someone is offering you something free or something that is too good to be true, you are dealing with a scammer.
- Nosy, Fishy, and Urgent: It's most likely a scam if your email contains an urgent request from an unknown person, or asking you to complete a personal profile from a phishing link. Your banks, IRS, or brokerage firm will not send you an email for urgent requests.
- Money: If an email is asking for money or you receive an email confirmation for a purchase you haven't made, be wary. The goal of scammers is to earn money by sending you a fake invoice or asking for money pretending to be someone who they are not. If a scammer intercepts an invoice, they may send you a new invoice and ask you to wire money to a brand new bank account. Also, scammers find personal contacts from hacked email or social media accounts and ask your acquaintances for money urgently.
The primary purpose of scamming people is to earn money. Cybercriminals send email to steal personal information by redirecting a user to a phishing site, and use it in identity theft. Or, infect users with a malware or virus and use them in DDoS attacks. Finally, scammers may ask money directly by creating a sense of urgency.
Leave a comment
All comments are moderated. Spammy and bot submitted comments are deleted. Please submit the comments that are helpful to others, and we'll approve your comments. A comment that includes outbound link will only be approved if the content is relevant to the topic, and has some value to our readers.