Widely used, anonymous and cheap to send, email is a popular attack vector for scammers. Falling prey to these attacks can have serious implications for both individuals and businesses, including financial losses, identity theft and the loss of other confidential information. This article offers some advice to help identify scam emails.

The Sender

It is important to remember that email accounts can be compromised and hijacked, and that the From address itself can be forged, so you can receive scam emails that appear to come from trusted sources such as work colleagues and customers. However, the sender is often still a strong indicator of a scam email.

Public email services

There are a host of free, public email services online, such as Gmail and Outlook.com, where anyone can sign up for an email address. Receiving a supposed business email from one of these accounts should be an immediate red flag.

You may come across the occasional sole trader who uses a Gmail address for their business, but no large organisation such as Microsoft or PayPal will send business correspondence from one of these addresses.

Double check domain names

Scammers will often register domain names similar to that of the company they are impersonating. These can involve character replacement, such as a zero for the letter o, or misspellings, e.g. micros0ft.com or micrsoft.com. Sometimes the company name is simply somewhere within the domain, e.g. 43843900paypal.com or paypal.125jkl3.com. In that last case "paypal" is only a subdomain; the part that is actually registered and controlled by the sender is 125jkl3.com.

Take a moment to check that the domain matches precisely that of the legitimate business. Read it from the right: the registered domain is the part immediately before the .com, .co.uk or similar ending, and anything to the left of it can be set freely by whoever owns that domain.

Unknown domains

There are hundreds of millions of registered domains, so you will often encounter ones you have not seen before. Looking a domain up on a WHOIS service such as who.is will show you how long ago it was registered. Domains set up for scamming will often (but not always) have been registered recently.

You can also check a domain (particularly that of a company) on a search engine such as Google to see how much information is available about it, such as reviews, and build up a picture of whether you are dealing with a legitimate organisation.

Does the name of the sender match the email address?

In most email clients the display name that appears next to the sender can be set to anything the sender likes, so it is not a reliable way to verify who a sender really is.

Do not rely on the display name; instead check the email address itself. If there is a discrepancy, i.e. someone called "PayPal" sending emails from a Gmail account, it is almost certainly an attempt to trick you.
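The sender checks above (free webmail domains, look-alike and embedded brand domains, and a display name that does not match the address) can be automated. The script below is an added example and is not the article's own code; the brand list, the free-webmail list and the sample From: headers are assumptions constructed for the demo, and the two-label "registrable domain" rule is a simplification that a public suffix list would correct.

```python
"""Sender checks on From: headers, as an added example (not the article's own code).

The brand list, free-webmail list and sample headers are assumptions
constructed for this demo, not data from the article.
"""
import unicodedata
from email.utils import parseaddr

# Assumed: brands you expect mail from, keyed by their genuine registrable domain.
BRANDS = {"paypal.com": "paypal", "microsoft.com": "microsoft"}
# Assumed: free public webmail providers that no large organisation sends from.
FREE_WEBMAIL = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com"}
# Digit-for-letter swaps scammers use (0 for o, 1 for l, ...).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})

# Constructed sample headers for the demo.
SAMPLE_FROM_HEADERS = [
    '"PayPal" <service@paypal.com>',
    '"PayPal Support" <paypal.help@gmail.com>',
    '"Microsoft Account Team" <no-reply@micros0ft.com>',
    "billing@paypal.125jkl3.com",
    "jo@example.com",
]


def registrable_domain(host):
    """Last two labels of a hostname. Naive: co.uk-style TLDs need a public suffix list."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def normalise(text):
    """Fold accents and non-ASCII look-alikes to ASCII, then undo digit substitutions."""
    folded = unicodedata.normalize("NFKD", text).encode("ascii", "ignore").decode()
    return folded.lower().translate(HOMOGLYPHS)


def levenshtein(a, b):
    """Edit distance, used to catch one-character misspellings such as micrsoft."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def imitated_brand(host):
    """Return the brand a sender host imitates, or None if it is genuine or unrelated."""
    if registrable_domain(host) in BRANDS:
        return None
    # Look at every label except the TLD, so paypal.125jkl3.com is caught too.
    labels = [normalise(label) for label in host.split(".")[:-1]]
    for brand in BRANDS.values():
        for label in labels:
            if brand in label or levenshtein(label, brand) <= 1:
                return brand
    return None


def check_sender(from_header):
    """Return a list of warnings for a raw From: header value (empty list = nothing odd)."""
    display_name, addr = parseaddr(from_header)
    if "@" not in addr:
        return ["address could not be parsed"]
    host = addr.rsplit("@", 1)[1]
    domain = registrable_domain(host)
    warnings = []
    if domain in FREE_WEBMAIL:
        warnings.append(f"sent from free webmail domain {domain}")
    brand = imitated_brand(host)
    if brand:
        warnings.append(f"domain {host} imitates {brand}")
    # Display name claims a brand but the address is not on that brand's domain.
    name = normalise(display_name)
    for real_domain, b in BRANDS.items():
        if b in name and domain != real_domain:
            warnings.append(f"display name '{display_name}' does not match domain {domain}")
            break
    return warnings


if __name__ == "__main__":
    for header in SAMPLE_FROM_HEADERS:
        print(header, "->", check_sender(header) or "ok")
```

Run it and the genuine PayPal header and jo@example.com come back clean, the Gmail "PayPal Support" header gets two warnings (free webmail plus name/domain mismatch), micros0ft.com is reported as imitating Microsoft, and paypal.125jkl3.com is flagged even though the real PayPal domain never appears in its registrable part. The NFKD fold also catches Cyrillic or accented look-alike letters, which drop out and leave a one-edit misspelling.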

Links and attachments

Email links and attachments can be used to direct a recipient to a malicious website or to install unwanted software, so it is important to be careful before opening them.

Links

Avoid clicking links in emails as much as possible. For example, if you get an email from a company with which you have an online account, instead of clicking the link open a browser and log in to their site the way you normally would.

Before clicking a link, check the address it is actually sending you to. In Outlook and most other mail clients you can do this by hovering over the link for a few seconds; the real destination is shown in a tooltip or the status bar and can differ from the text of the link itself. From here it is very similar to checking the sender's email domain: check for a legitimate site that matches what you would expect from the sender.
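The same "where does it really go" check can be done programmatically over an HTML email body: extract each link's target and compare it with the domain you expect and with whatever URL the visible link text claims. This is an added example, not the article's own code; the expected domain and the sample HTML are constructed for the demo, and the two-label "registrable domain" rule is again a simplification.

```python
"""Link checks on an HTML email body, as an added example (not from the article).

Compares where each link really points with what its visible text suggests.
The expected domain and the sample HTML are assumptions constructed for the demo.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed: the genuine domain of the organisation the email claims to be from.
EXPECTED_DOMAIN = "paypal.com"

# Constructed sample email body: one genuine link, one whose visible text lies,
# one generic "click here" link to a look-alike domain.
SAMPLE_HTML = """
<p>Please <a href="https://www.paypal.com/signin">sign in</a> to review your account.</p>
<p>Or visit <a href="http://paypal.125jkl3.com/login">https://www.paypal.com/account</a></p>
<p><a href="https://secure-paypal-login.com/verify">Click here</a> to verify now.</p>
"""


class LinkCollector(HTMLParser):
    """Gather (href, visible text) pairs for every <a> tag."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Hostname of an http(s) URL or bare domain; '' for anything else (mailto:, None)."""
    if not url:
        return ""
    parsed = urlparse(url)
    if not parsed.scheme:  # bare domain such as www.paypal.com
        parsed = urlparse("http://" + url)
    if parsed.scheme not in ("http", "https"):
        return ""
    return (parsed.hostname or "").lower()


def registrable_domain(host):
    """Last two labels; naive for co.uk-style suffixes (a public suffix list fixes that)."""
    return ".".join(host.split(".")[-2:])


def looks_like_url(text):
    """Visible link text that itself reads as a URL or domain."""
    return "." in text and " " not in text


def check_links(html, expected_domain=EXPECTED_DOMAIN):
    """Return [(href, [issues])] for links that do not go where a reader would expect."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        target = host_of(href)
        if not target:
            continue  # mailto:, tel: and the like are out of scope here
        issues = []
        if registrable_domain(target) != expected_domain:
            issues.append(f"goes to {target}, not {expected_domain}")
        if looks_like_url(text) and registrable_domain(host_of(text)) != registrable_domain(target):
            issues.append(f"shows '{text}' but actually goes to {target}")
        if issues:
            findings.append((href, issues))
    return findings


if __name__ == "__main__":
    for href, issues in check_links(SAMPLE_HTML):
        print(href, "->", "; ".join(issues))
```

On the sample body the genuine sign-in link passes, the second link is reported twice (wrong domain, and visible text that names paypal.com while the href goes elsewhere), and the "Click here" link is reported for pointing at a look-alike domain. The visible-text comparison is the programmatic equivalent of hovering over a link and reading the tooltip.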

Files

Attachments can contain malicious files that can compromise your accounts and devices.

If possible, avoid opening attachments from people you do not know. Check the file extension of any attachment; whilst any attachment is a potential risk, ones to watch out for include .exe (executable files) and .zip or .rar (compressed archives, which can hide an executable inside).

Microsoft Office documents can contain macros, small programs used to automate common tasks. Malicious macros carry many of the same risks as running malicious software. You can often tell macro-enabled Office documents from the file extension, which normally ends with an "m", e.g. .docm, .xlsm, .pptm. An extension can be renamed, however, so it is an indicator rather than a guarantee.
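The extension checks for attachments can be scripted, and it is worth going one step beyond the text: modern Office files are zip containers, and a document that carries macros has a vbaProject.bin entry inside it (word/, xl/ or ppt/) whatever its extension says, so a macro document renamed to .docx can still be caught. The script below is an added example, not the article's own code; the extension lists are an assumed starting point and the sample files are built in memory for the demo rather than being real Office documents.

```python
"""Attachment checks, as an added example (not the article's own code).

Classifies attachments by extension and, going one step beyond the text,
looks inside Office documents for the VBA project that macros are stored in,
so a macro-carrying file renamed to .docx is still caught. Sample files are
constructed in memory for the demo.
"""
import io
import zipfile
from pathlib import PurePosixPath

# Assumed starting lists; extend them to suit your environment.
EXECUTABLE_EXTENSIONS = {".exe"}
ARCHIVE_EXTENSIONS = {".zip", ".rar"}
MACRO_EXTENSIONS = {".docm", ".dotm", ".xlsm", ".xltm", ".pptm", ".potm"}


def classify_by_name(filename):
    """Risk class implied by the final extension, or None for anything not on the lists."""
    ext = PurePosixPath(filename).suffix.lower()  # invoice.pdf.exe -> .exe
    if ext in EXECUTABLE_EXTENSIONS:
        return f"executable ({ext})"
    if ext in ARCHIVE_EXTENSIONS:
        return f"compressed archive ({ext}), may hide an executable"
    if ext in MACRO_EXTENSIONS:
        return f"macro-enabled Office document ({ext})"
    return None


def has_vba_project(data):
    """True if an OOXML file (docx/xlsx/pptx and friends) contains a VBA project.

    Office stores macros in word/vbaProject.bin, xl/vbaProject.bin or
    ppt/vbaProject.bin inside the zip container, regardless of the extension.
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            return any(name.lower().endswith("vbaproject.bin") for name in archive.namelist())
    except zipfile.BadZipFile:
        return False


def assess_attachment(filename, data):
    """Return a list of findings for one attachment (empty list = nothing on these checks)."""
    findings = []
    by_name = classify_by_name(filename)
    if by_name:
        findings.append(by_name)
    if has_vba_project(data):
        findings.append("contains vbaProject.bin (VBA macros)")
        if PurePosixPath(filename).suffix.lower() not in MACRO_EXTENSIONS:
            findings.append("macro content behind a non-macro extension")
    return findings


def build_sample_docx(with_macro):
    """Constructed minimal OOXML-style zip for the demo, not a real Word document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            archive.writestr("word/vbaProject.bin", b"\x00" * 16)
    return buf.getvalue()


if __name__ == "__main__":
    samples = [
        ("notes.docx", build_sample_docx(False)),
        ("report.docm", build_sample_docx(True)),
        ("invoice.docx", build_sample_docx(True)),  # macros hidden behind .docx
        ("setup.exe", b"MZ"),
    ]
    for name, data in samples:
        print(name, "->", assess_attachment(name, data) or "ok")
```

The content check is the one that matters in practice: the .docm sample is flagged by both name and content, while the renamed invoice.docx is flagged by content alone, which the extension rule from the text would have missed. Only the final extension is used for classification because that is the one the operating system acts on, so a double extension such as invoice.pdf.exe is treated as an executable.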

The content of the email

Recognising suspicious email content can help protect against scam emails, and it is especially useful when a legitimate address, such as that of a customer or colleague, has been used to send the email.

Urgent Action Needed

Whilst some email scams will try to establish a conversation to build trust, many others rely on a sense of urgency: someone who feels rushed into action is more likely to let their guard down. Examples of these emails include:

  • Your account (email, Office 365 etc.) is about to expire
  • Authorise an unexpected payment from your bank account
  • Legal/tax threats
  • A customer or colleague needing something done urgently

No email is likely to need action in the next five minutes; take a minute to check it over properly before acting.

A lack of specific information

Through a combination of publicly available information online and social engineering, a scammer can know a great deal about you, particularly if the attack is targeted. Often, however, scam emails cast a wide net and lack specific details. A few examples:

  • A message from a bank you don’t have an account with.
  • An email from a work colleague saying “I need help with something” or “call me on this number” without giving further information.
  • Someone messaging to say their card has been used at your business without their permission, without providing any further details.

Spelling and Grammar

Whilst people make spelling mistakes all the time, you would not expect many in an email from your bank. Spelling and grammar mistakes can indicate a scam email.

Often words are not incorrect as such but are used slightly out of context. Emails trying to sound "official" and formal may not be written in the way or tone you are used to from the supposed sender; whilst this is a judgement call, it can be very useful in spotting scams.

Some General Advice

  • If you receive a suspicious email from an individual or company you know, verify they really sent it by contacting them another way, such as a phone call to a number you already have rather than one given in the email.
  • When an email provides a link to log into your account, instead log in the way you normally would in a web browser using the URL you already know.
  • Don't feel obliged to act instantly on an email with a sense of urgency; scammers rely on this. Take a few moments to check the email is legitimate.
  • If you are unsure whether an email is a scam, always err on the side of caution. Report it to the company in question or, if at work, to your own company's IT administrator.