Safe emails vs scams: the key differences

Safe emails vs scams: the key differences

blog_main_email_scam

Over one billion consumers send and receive email on a daily basis. Of those, eighty thousand are victimized by scams everyday and a total of four million people fall prey to scams annually. It is essential for everyone to learn to differentiate a safe email from a potential scam because carelessly opening attachments and messages may leave you facing the aftermath of financial loss and identity theft.

45% of users are fooled by email scams and face financial loss or identity theft

According to Scamdex, these are the top five types of email scams that you need to watch out for:

#1) Employment scams – fake job offers (work from home)

These types of scams typically target people looking for or changing jobs. The majority of the employment opportunities on the internet are work from home jobs that promise a large sum of income for a small amount of work. Many employment offers as these are a form of check fraud which means scammers will illegally use a victim’s checks to borrow funds that do not exist within the account. You can often recognize these type of scams by the use of pictures with money or cars, testimonials, payment fees, and loud text.

152204_WorkFromHomeScam

Photo by Andrew Toskin, Flickr

Keep in mind that many work from home job offerings are often too good to be true. Use common sense and be on the lookout for job email scams that promise you a high wage for easy work or little work. Never give out your personal details to crooks sending you unsuspecting work from home career opportunities by email. Do not reply to the message, just discard it before scammers even have a chance to obtain your email address.

#2) Auction scams – fake messages from online shopping sites such as eBay and Amazon

Everyone loves shopping online. Unfortunately, scammers use the opportunity to rip off shoppers that may be unaware they are being scammed. Be weary of products advertised at a low price, poor ratings on an auction, completing a transaction outside of the auction, and a seller insisting on immediate payment.

Scammers pretend to sell a product at a very cheap price in order to steal your credit card and bank account details. Another trick scammers use in online auctions is entering a low bid followed by a very high bid using a different name on a product you are selling. Also beware of “miracle” products for sale online that seemingly provide unbelievable cures and weight loss capabilities.

152204_EbayScam

Photo by Jett, Bet You Didn’t Know Blogspot

Always find out exactly who and what you are dealing with in online auctions and ensure payment methods are secure by using an https//: web address.  Also, take a look at the auction privacy policy and refund/returns policy to be sure everything seems fair.

#3) Phishing scams – fake messages from Paypal, social security administration, and banks

Of the 1% of users that lost money through phishing scams, 53% were not compensated by their bank and 11% say they are still waiting for compensation. According to research conducted by Google involving phishing attacks:

“Most of us think we’re too smart to fall for phishing, but our research found some fake websites worked a whopping 45% of the time.”

152204_PhishingBankEmail

Photo by Quintana Hanson, Tax Refund

Phishing email scams often resemble official-looking messages from retailers, Facebook, banks, Paypal, and eBay. The messages often ask you to confirm details that warn you to take immediate action involving your account, such as confirming your bank account details. Most phishing emails contain special links that route you to genuine and spoofed websites. Do not fall for the massive number of  shipping label and package tracking scams that claim you have a package on its way by means of a popular shipping service such as Fedex or UPS.

152204_FakePaypalE-Mail

Photo by Saidul A Shaari, Flickr

In order to prevent yourself from being a victim, you should never send money or give personal details to strangers. Keep a periodic check on your credit card and bank statements and shred all important documents containing personal information. Always log in to a website directly and don’t click on suspicious links within an email message.

Google also discovered that users may not have much time to recover or change their login information before hackers access their account.

“Around 20% of hijacked accounts are accessed within 30 minutes of a hacker obtaining the login info.”

#4) Lottery and giveaway scams – the foreign lottery, competitions, and free vacation giveaways

Lottery and competition scams promise a recipient a big prize or something else to win. These types of scams are delivered in a variety of ways including – over the phone, in person, email or by conventional mail. The scammer will present that you have won a substantial amount of money and that all you have to do to claim the prize is to send money to pay fees such as taxes, customs duty, shipping, etc. Typically, users’ requests to take the fees out of the winnings; but, always receive the same response from the criminals: “we cannot do that”.

152204_LotteryEMailScam

Photo by Jamil Velji, Wikipedia

Be wary of vacation scams that promise you a free vacation which requires you to pay a supposed service charge or purchase a membership to a travel club. Always seek the advice of a financial or legal expert before sending money.

#5 ) Advanced fee fraud scams – Promises of sending money, products, services, and special deals

Advanced fee fraud is a popular email scam that is also known as upfront fee fraud. It is any scam that charges you a fee and in exchange promises to send you money, products, services, and special deals. In addition to this, you may also be asked to assist in removing funds from a country in turmoil or help law enforcement catch thieves.

The most prevalent type of scam that hit a massive amount of users is referred to as the 419 Nigerian Scam. A scammer typically will contact someone by letter or email and offer a share in a large sum of money which they want to export from their country. The recipient is then asked to pay money or give bank details to help with the money transfer. The victim must pay fees, charges and taxes to help release the money out of the country or bank account. The scammers continue to make up fees that you must pay before you can receive your money.

152204_NigerianScam

Image by Morburre, Wikipedia

Off course you will never be sent the supposed promised funds. According to the Nigerian Fraud Watch website, victims have lost a shocking 12.7 billion dollars due to this scam.

blog_content_breaker_email_scam

Users perceive emails by what they see with the naked eye

Four popular universities – University of Buffalo, Brock University, Ball State University, and University of Texas in Arlington – conducted a study and launched a phishing attack against a group of users. The purpose of this was to discover the psychological reason behind why people fall victim to phishing spam emails. They state:

Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.”

The study reached a few conclusions:

  1. Users only process what they see with their eyes and do not perceive the potential scam with their mind.
  2. Users make decisions to open and read an email based on captivating titles, graphics, testimonials, and matters of urgency such as “your bank account will be deactivated if you don’t respond now”. The element of fear also plays a part because a user is often scared by the title or content of an email without asking how this is possible or why is this happening.
  3. Urgency cues in an email stimulate information overload. Too much is often happening within an email and that leads to the brain processing too much at one time leading to an information overload. Use of catchy titles and influential content/graphics cause users to often miss an alert from their security product or a warning message from an email filter that could alert them and potentially flag the scam they are about to fall victim to.

“The findings suggest that habitual patterns of media use combined with high levels of email load have a strong and significant influence on individuals’ likelihood to be phished.”

How to avoid being victimized by email scams

  • Be aware of unsolicited email attachments that use suspicious email addresses. Never click on a seemingly suspicious looking link. Hover over a link with your mouse to reveal the destination address to confirm if its legit.
  • Don’t click on urls in emails that requests login with a password. Instead, visit the website manually, login there and look for the information that was promoted in the email.
  • Don’t fall for the top five email subject bait lines that scammers use: invitation to connect on LinkedIn, Mail delivery failed: returning message to sender, Dear (name) customer, Comunicazione importante, and undelivered mail returned to sender.
  • Use a spam/junk mail filter. Learn how to filter your email messages in order to separate the good from the bad. According to Kaspersky, over 70% of emails are spam related. Another option may be to use a dedicated software to filter and block potentially unsafe messages such as MailWasher.
Recognize Fake E-Mails

Photo and content by Microsoft

  • If an email message is seemingly suspicious, make contact through other means to verify the source and authenticity of the email. If a message is legitimate, finding a contact number to the source should be an easy task.

Have you seen these type of emails scams going around? What other ones are you aware of? Have a great (scam-free) day!

  • Adar Tzivion

    love when you srnt me things as this.
    It helps me from time to time.

  • Philip

    Some smart people turn into idiots when using the Internet. You tell them what to do and what not to do and they do everything you told them not to do. A ship’s engineer answering begging e-mails. And the quick introductory programmes to introduce housebound isolated pensioners to computers, and the Internet. The idea of 80-year-olds using the Internet is good it gives them independence. But the classes are pathetic. You can be asked can you donate some of your time. You go into a big room with tables going all the way around the wall. The elderly pensioners arrive by bus called Dial-a-Ride, Dial-a-Ride is a door-to-door service using buses specially adapted with handrails, low steps and wheelchair lifts, for anyone who finds it difficult/impossible to use ordinary transport. In rural areas they are sometimes called TCT, and they are usually always charity registered services.

    They deliver the elderly people to elderly community centres or in posh areas “luncheon clubs”

    I create a giant icon of a supermarket. They click on the giant icon and it takes them straight to the supermarket logon page. They all create an account I supervise them. They must understand how to use their credit card or debit card. They shop and log off. They get a delivery time. They get their shopping delivered to the door. They must remember their e-mail address and password. It must be something they can remember. It must be simple. It must have numbers in it. All pensioners virtually all pensioners remember their National Insurance number that’s the number part. I then create another icon for furniture and gardening and so on usually Amazon. Go through the same routine as above. All pensioners go home with their laptops that they purchased on advice and all classes have finished. Average pensioner was born in 1929.

    I never see them again. The favourite Internet scam to attack pensioners is can you donate some money to save some “poor animals” somewhere in the world. They click the e-mail link they type in their bank details to save the poor animals. All the way through my brief lesson I tell them don’t give your banking details to anybody only give it to the giant icons which is a supermarket and Amazon. They don’t listen and the class lesson is too short. Time is money.
    And this probably happens in other countries as well. For special cases most of the Internet should be blocked and they should only be able to go to shopping channels.

    • Really the classes should avoid making it too simple. Eventually people will venture to other sites and not realise some are dangerous.

      Really in general in the IT world, there seems to be too much talk about protecting your computer with security rather than staying safe in general. Most people are under the assumption they can do anything online and their security suites will protect them 100 percent of the time and when it fails to deliver they blame it on the programs and look for another.

      Hackers, cyber criminals etc. their job is to find vulnerabilities and the biggest is basically us. No security suite can really protect us from our own stupidity

  • Never click a link to go to your bank, or ebay, or anything that requires you to put in your password. TYPE the address into your address bar and log in that way. I’ve avoided some very clever looking scams that way.

  • The big way people usually get tricked is Spoofed Email Addresses, which means the email address appears genuine, and spoofed links that appear genuine but the actual seen link is just the text with a completely different link coded into it. Luckily most browsers will show the correct link if you hover over it.

    I noticed some emails now will include something such as “scanned and safe by AVG” to trick people into thinking the email has been scanned and is clean. People still sadly fall for infected attachments.

    I agree about visiting the site not via the link. If ever I receive a bank email I never click any links even if it appears to be genuine. I have the site saved in my bookmarks and always check the link at the top to make sure it’s genuine and my bookmark hasn’t been changed. That way even if the email is genuine I know I’ve done it safe.

  • NRK

    Due to spelling errors is this a scam? Ah, just kidding.