Email scamming is a serious issue that has grown to become one of the most common cyber-crimes. Scams are no longer just confined to emails with attachments or messages asking for your personal information, scammers have gone as far as creating fake websites and email addresses that closely resemble those of legitimate companies in order to scam unsuspecting victims. The scammer’s goal is always the same: get you to click on their link or download their attachment, which will then give them access to your computer and all the data stored there. In this blog post we will explore some of the ways you can recognise scam emails and avoid becoming a victim yourself.
Nowadays scam emails can look incredibly authentic, even down to the email address from which they’re sent. As a rule, if an email address contains random numbers, misspellings or a strange mix of upper and lower case letters – it’s probably fake. However, phishing emails can sometimes really effectively imitate the email address of the company they are impersonating. It is particularly difficult to spot on mobiles, where it will often just show the “business name” rather than the full email, making it look more legitimate.
If you’re unsure, you can view your emails on your phone browser and switch to desktop mode which makes it easier to see the full email address. Then you can compare the address to the ones listed on the official business website (use a search engine to get to the website – do not click any links in the email). You can also copy and paste the email address into something like Google and see if any warnings come up there.
Sometimes you might get an email asking you to confirm some private information. It might be very convincingly written and give excellent reasons as to why you need to hand over the details. Requests like confirming login credentials (including passwords), or payment information tend to be common. However, even if you think the email is legitimate it’s always best practice to visit the website directly rather than click any links provided. That way if you really do need to confirm any information you can see it directly on the website. And if you’re *still* not sure, you can always contact the company’s customer services directly to double-check.
As mentioned above, some phishing emails can be very well-designed, but actually many of them can be weeded out with a quick read through. Pay attention to spelling (especially business names) and grammar – any genuine emails will have been thoroughly checked before sending and there should be little to no errors within the content.
In fact, research (https://www.microsoft.com/en-us/research/publication/why-do-nigerian-scammers-say-they-are-from-nigeria/) done by Microsoft Research computer scientist noted that scam emails are often poorly written on purpose, in order to gain responses from only “the most gullible” and avoid investing their time into the wrong target.
If an email comes through that makes you feel anxious or disbelief to read, then it could well be fake. Often phishing scams are designed to play on the reader’s emotions, whether that be through a tale of hardship or the promise of an incredible opportunity. The language will seem urgent – it may say that you’ve won a prize but must act within 24 hours, or there has been a breach of your account and it needs to be acted upon immediately. If it sounds too good to be true, or too unreasonable to be fair, then it likely is.
If you’re expecting an email that contains a link, and it comes with an attachment – be wary. Double-check the sender’s address to make sure they contacted you in this way before opening any attachments. If you get an unexpected attachment from someone who has never sent one before, then delete the message without opening anything at all. You can also hover over any links to check the destination before clicking it. If it doesn’t match what’s written – don’t click.
Legitimate businesses aim to make their customers feel appreciated and their communication with you will reflect this. Genuine emails from companies you use will contain personal greetings at the top, often your name or the username you used when you signed up for their service. This is particularly the case for banks, and if you receive an email that uses “sir/madam” or in some cases sections of your own email address then that is an indicator that you’re looking at a scam email.
At ARK Computer Repair, we want you to feel confident online and hopefully these tips can give you a good basic knowledge on how to keep safe. If you’re unsure, be cautious. And if something seems suspicious or phishy, report it and delete.