Back

How to Spot a Scam Email

Scam emails are a huge burden for many businesses. Fortunately, many scam emails are blocked by your email server before you receive them, but ones that get through can cause havoc to your computer or, in a worst-case scenario, your bank balance. If you receive an unsolicited email, and you’re not sure if it is genuine, follow the tips below to identify if it’s a scam.

 

1. Check the from address

The first thing you need to do is check the authenticity of the sender’s email address. If the address does not contain the domain that is owned by the organization, such as “paypal@gmail.com” instead of “account@paypal.com”, it is most definitely a scam. Unless you are 100% certain that the email address is genuine, do not click on any links or give out any information.

 

2. The subject line and content looks off

The subject line is one of the first things you’ll see, and you can immediately notice if something isn’t right. An email with a subject line similar to “Important_Message_For_You! ~~ Respond Now!!” is instantly recognizable as a scam.

You can also spot a scam email if the formatting is messy or the branding isn’t in line with the apparent sender. Don’t be fooled by emails with a design identical to a legitimate one.

 

3. Personal information request

One of the top scam emails ask recipients to “verify” their information, such as their home address, telephone number, a password or bank details. This is almost inevitably a scam, and you should be very wary of any email that asks for this type of information. Companies you have dealt with in the past will very rarely ask you to verify information that they already know. If you are unsure, contact the company directly to check it is legitimate.

 

4. Common scam phrases

Often scammers will use scare tactics or enticing offers to trick the recipient into sharing personal information. “Do you want a £500 voucher? Click here now to claim it!” or “Fraudulent activities on your account” are common examples of phrases scammers use.

These types of emails link to a genuine-looking website with a form that asks for your personal information, such as your home address or bank card details. If you enter sensitive information on a phishing site, your details could be sold on, or money could be stolen from your bank account.

 

5. Hyperlink URL is different to the one displayed

If you are viewing an email on a PC or Mac, hover your mouse over the links (without clicking) to check the real address in the pop-up window. In the example below, the URL looks like it goes to PayPal when it is actually a disguise and links to a phishing site. Unfortunately you cannot do this on a mobile device, so wait until you can view the email on a desktop.

 

phishing scam link

 

6. Strange attachments

Be careful of any emails you receive with attachments that aren’t from a familiar email address. Unless you are certain you know the sender, or have requested a document to be sent to you, do not open any attachments as they may be malware.

 

7. Bad grammar and spelling

One of the easiest ways to spot a scam email is if the message is full of spelling and grammatical errors. Legitimate emails sent by organizations are often proofread by numerous people and very rarely have any mistakes in the message. If you spot an obvious error, treat the email as suspicious and be wary of clicking on any of the links or replying.

 

What to do if you receive a scam email

Be suspicious of any unsolicited email you receive from someone you do not recognize. Scammers are often very clever at disguising a phishing scam as a legitimate email from a reputable organization. If you feel that something isn’t quite right with an email, you’ll almost always be right.

If you believe you have received a scam email from someone claiming to be an organization, forward the email on to customer services so the organization is aware and can take action by warning other customers.

You can also report phishing scams to your email provider, who will take steps to identify the scammers and block future emails from them. Microsoft and Google have also written articles on how to report suspicious emails you receive.

If you’re concerned any of your online or email accounts have been hacked, change your password straight away. For extra security, download antivirus protection to ensure your computer isn’t affected by malicious scam emails. Unfortunately, this won’t protect against all scams, but using common sense and vigilance will help to protect you scam emails.