According to Action Fraud, there are over 400,000 reports of phishing emails every year. Last year alone, 58% of organisations saw phishing attacks increase. Email scams are one of the most common methods of cybercrime. Despite hearing about them, people still frequently fall victim to these attacks. This article explores why email scams exist, the types of scams you should watch out for, and how to avoid them.
Email is an essential part of everyday communication, which is why it is one of the preferred channels attackers use to obtain sensitive information. Cybercriminals exploit it by sending emails that trick recipients into downloading harmful attachments or divulging sensitive information, including passwords, bank account numbers, and social security numbers.
What Are Email Scams?
In an email scam, criminals typically send emails to thousands of people. These emails pretend to come from banks, credit card companies, online shops and auction sites, as well as other trusted organisations. They usually try to trick you into visiting a website, for example to update your password so that your account is not suspended. The embedded link in the email goes to a website that looks exactly like the real thing but is actually a fake designed to trick victims into entering personal information.
Types of Email Scams:
Cybercriminals are becoming cleverer every day, and they have designed several different types of email scams.
1. Lottery Scam
You receive an email stating you won a sweepstakes, lottery, or prize — like an iPad, a new car, or something else. But you can tell it’s a scam because of what they do next. They ask you to pay money or give them your account information to get the prize. If you pay, you’ll lose your money and find out there is no prize.
A recent example appeared in Canada. A recipient received an email claiming he was a winner of the E-MAIL LOTTERY, in “conjunction” with the Powerball Lottery. In order to claim the prize, the recipient was asked to contact a representative in South Africa and provide personal information.
2. Banking Scam
Scammers try to trick customers into giving out personal information such as bank account numbers, passwords and credit card numbers. This is called a phishing scam. Typically, customers receive an email that looks like a communication from their bank. It will say they need to confirm some personal details, usually their internet banking username and password. It will contain a link to a website that looks like the bank’s but is fake. Customers who enter these details will soon find scammers have accessed their accounts and cleared out their money.
If you receive an unsolicited email from an institution that provides a link or attachment and asks you to provide sensitive information, it’s a scam. Legitimate companies, such as banks, will never ask for personal information via email.
3. Social Media Request Scams
You receive a social media request from someone who has the same friends as you. You don’t immediately recognize the person but assume the request is legitimate because of the common friends. This new friend then sends you a message with a link to a video which, when clicked, installs malware on your computer and potentially the company network.
Here are a few examples of social media phishing scams.
4. Fake Google Docs Login Scam
Scammers create fake Google Docs login pages and then send a phishing email hoping to trick someone into logging into the fake website. The email might read “We’ve updated our login credential policy, please confirm your account by logging into Google Docs.” The sender’s email is a faked Google email address.
If there’s an email in your inbox asking you to open a Google Doc from someone, and you don’t know who it is, don’t open it.
How to Avoid Email Scams:
1. Never, ever give anyone your email account password. It doesn’t matter who asks or why.
2. Avoid opening unsolicited attachments from people you don’t know. Scammers use them to transfer malware or viruses.
3. Be careful before sharing your personal information online, especially on social media sites like Facebook or LinkedIn. Scammers scrape personal information from the Internet and use it to impersonate friends or authority figures.
4. Don’t blindly click on links in your emails. Instead, hover over the link with your mouse and verify that the destination matches the link text.
5. If you do click an unsolicited link, and it takes you to a sign-in page, DON’T sign in.
6. If an email sounds too good to be true, it probably is.
7. Look at the email domain of the sender; to double-check, hover over the email domain. No legitimate organization would send emails from a public domain; organizations mostly have their own email domain and company accounts.
8. Look out for misspelt domain names.
9. Anyone can buy a domain name, although every domain name must be unique. There are plenty of ways to create addresses that are indistinguishable from the one that’s being spoofed.
10. Look for grammatical errors and spelling mistakes. Poor spelling or grammar is a tell-tale sign that an email is a scam.
11. Look out for the language used in emails. If the tone of the email is aggressive and conveys a sense of urgency, it is likely to be malicious.
By practising and looking out for the signs that tell you something is fishy, you’ll be able to avoid getting scammed.
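Tips 4, 7 and 8 can also be checked mechanically. The following Python code is an added example, not part of the original article: it flags a sender on a public mail domain, a sender domain that closely resembles a trusted one, and links whose visible text names a different site than the real destination. The domain lists, the `check_email` function and the sample message (which uses reserved `.example` and `.test` names) are assumptions constructed for illustration.

```python
import difflib
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed lists for illustration; maintain your own in practice.
PUBLIC_MAIL = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
TRUSTED = {"bank.example"}  # hypothetical organisation domain
DOMAIN_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
# Constructed sample message using reserved .example/.test names.
SAMPLE_FROM = '"Example Bank" <security@bannk.example>'
SAMPLE_HTML = ('<p>Confirm your details at <a href="http://online-bank'
               '.example.test/login">https://online.bank.example</a></p>')

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_email(from_header, html_body):
    """Return warnings for the sender domain and for each link whose
    visible domain is not the host it actually points to."""
    warnings = []
    sender = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if sender in PUBLIC_MAIL:
        warnings.append(f"sender uses public mail domain {sender}")
    elif sender not in TRUSTED:
        near = difflib.get_close_matches(sender, TRUSTED, n=1, cutoff=0.75)
        if near:
            warnings.append(f"sender domain {sender} resembles {near[0]}")
    parser = LinkCollector()
    parser.feed(html_body)
    for href, text in parser.links:
        target = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_RE.search(text)
        name = shown.group(1).lower() if shown else ""
        if name and target != name and not target.endswith("." + name):
            warnings.append(f"link text shows {name} but goes to {target}")
    return warnings
```

Calling `check_email(SAMPLE_FROM, SAMPLE_HTML)` returns one warning for the lookalike sender domain and one for the mismatched link.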