Depending on your nature of work, you could be receiving up to hundreds of emails flooding your inbox in a day. If the email you use is one that you have frequently used since you were in high school, you can bet that it has already been picked up along the way by advertisers, phishing parties, or hackers.
Scam emails, also known as phishing emails, were designed with one purpose in mind; to create a hoax and cause malicious harm to you in some way. This could be to threaten you with ransomware, try to dig personal information from you, or somehow corrupt your system.
Some phishing emails can be very sophisticated, especially if they address you personally or seem like they come from a company you typically deal with (for instance your personal bank or airlines service you travel with).
Since it can be hard to spot scam emails from a real email, here are BolehVPN’s tips for red flags you can quickly scan for in your next email.
If an email is asking you for your personal information such as your date of birth, your credit card number, your identification number or bank details, this is almost a clear sign that it should serve as a warning of a possible hoax.
Most reputable companies would never ask for your personal information to be supplied via email. And if it were your real bank service or credit card provider contacting you, they should already have kept records of your details.
“Congratulations! You’ve just won a PRIZE!”
Great! But wait a minute, did you ever enter any contest?
Certain catchphrases should definitely be raising your red flags whenever you spot them in an email. Sometimes it could be an ‘urgent’ email requesting for your details before your account is ‘suspended’, or perhaps it can be flashy capitalised phrases like “FREE OFFER” (anything with the word “free” in it on the Internet should be raising your biggest, reddest flag out there).
Phishing scams can be more rampant especially after a natural tragedy or big disaster. Beware of phony charities which claim to ask for donations and capitalise on major crises.
For instance, after Hurricane Katrina hit in 2005, the American Red Cross reported 15 fraudulent websites mirroring their own which were designed to steal credit card numbers from unsuspecting donators. The FBI themselves saw more than 4,600 websites advertising relief efforts for Hurricane Katrina which appeared to be fraudulent.
A common tactic of phishing scams is to invoke a sense of urgency in you when you read a scam email. This can come in various forms, such as suggesting immediate action from you before “your account is terminated”, or requesting your confirmation details after an “unauthorised login attempt”, or directing you to click a link to claim a “limited time offer”.
Of course it could be possible that the email you were receiving was a legitimate message from the company you are a customer of. In this case, to be on the safe side it is best if you checked directly with the service provider in question to verify the veracity of the notification.
Poor grammar and spelling errors is a tell-tale sign in scam emails. Most major corporations would have reviewed any spelling, grammar and legality before sending out any marketing emails.
While scammers might be getting gradually better at presenting legitimate-looking phishing emails that look like the real deal, a lack of consistency in an email is definitely something to watch out for.
No matter what, there is just an ‘off’ feeling one gets from going through a hoax email, be it because of the mismatching logos, a bombardment of different font styles and font sizes, or maybe improper spelling in the fine print.
Dodgy looking sender’s email address? You might want to get that checked. Phishers would often create fake email addresses that look like it belongs to the real company they are trying to imitate.
Additionally, it is hard to trust any links spread in any emails because it could be one containing malicious content, even if it was shared to you unknowingly by a friend.
Check if the hyperlinked URL matches the one shown by hovering your mouse (without clicking it!) over the link. Typically a small pop-up window would appear on the bottom of your screen showing the actual URL.
Similarly, you can check the ‘from’ field by hovering your mouse over it to see if the website domain matches the company that the email was supposed to originate from.
Take the Today.com phish spotting online quiz to test if you have what it takes to spot scam emails. Let us know how well you did!