Email fraud, also known as phishing, has become extremely common, and cases are growing steadily by the year. Scammers are increasingly discovering new methods to try and pilfer important personal information, such as your Social Security number and your bank details. Some emails may even come with malicious software attached that may infect your computer, mobile, or tablet with a virus.
Moreover, one of the most commonly used marketing methods (Facebook pixel) now is also the target of scams. In fact, some scammers are using a Facebook tracking pixel in emails to mine sensitive user information.
We have compiled a list of steps that can be taken to prevent such things and protect your consumer privacy.
Check The Sender Details
Check the email address for spoofing. Scammers will often do this to make it appear as if the mail is from the organization or company they are impersonating. While they may seem legitimate at first glance, such emails will often have outlandish email addresses accompanying seemingly normal names.
Look out for obviously cheap imitations by examining the sender’s details. Scammers’ addresses will often appear as something like mail. Airbnb.work instead of airbnb.com. You can see the email address by hovering the cursor of your mouse over the sender’s name, or you can right-click on it. This will help you ascertain whether a genuine person or a scammer sent the email.
It is also very common for such emails to contain malicious links within the body of the message.
Beware of New Senders
While receiving an email from a new sender, especially one who is not from your organization, is not out of the ordinary, this may be a sign of phishing. If you receive any emails from unfamiliar sources, take some time to meticulously examine those identified by Outlook as new senders before proceeding.
These days, scammers are improving their methods to dupe people, and many of them will include your first name in the email’s opening line. However, this is not always the case. Many emails will simply use the word “Hi” in the greeting. Or they may just write your email address after the word “Hi.”
Dates and Contact Info
Check whether the “contact us” link at the bottom of the text takes you to any links or external websites, but do not click on anything. To find out where the web link might take you, simply make your mouse hover over it. If it doesn’t look like you can click on it or if the link that pops up in the lower left corner of your screen doesn’t look genuine, you should be wary of such emails. If there are any dates, such as copyright dates, ensure they are current because scammers might often forget details like this.
For example, if you received a mail sometime around March of 2017, but the event being promoted is scheduled for the end of December 2016, it is most likely a scam.
Look At Branding
Fraud emails often masquerade as messages from well-known companies, supermarkets, big brands, deal sites, retailers, and government departments. Carefully check the branding and the logos keeping an eye on the quality, as this is a strong indicator of whether it is a scam or not. Cross-check the branding with the one received in previous emails from the same company, and also on the company or government website. If the mail is legitimate, the logo will be identical to the website’s logo. If this is not the case, it’s best to be wary of the mail and any attachments or links in it.
Beware Of Suspicious Links and Attachments
Before clicking on any links or opening any attachments, it is a good idea to bear certain precautions in mind. This is because many attachments may contain trojans that will infect your computer with viruses or malware. Make sure you scan the attachment with good anti-virus software even if you feel the attachment is safe.
If you do accidentally click on the link and get taken to the website, you can double-check and verify if it is genuine. Should the mail be from a well-reputed branded company, open a new tab, do a Google search, select the company’s website, and see whether both URLs match. Check for similarities within the site, like logo design, color scheme, contact information, domain name, address, etc. If they are not identical, it is a fairly good indication of whether the email is genuine or a scam.
If you have not yet clicked the link but are being prompted to do so to view an important message, resist any temptation to follow the link. Instead, access your account from the official website from your browser. Now you can verify whether you have indeed received such a message. If you have not, then in all likelihood, you have been the target of an attempted scam.
In the event that you have clicked on any links or attachments, perform a full virus scan on your system. Upon completing the scan, change all your passwords and make backups of all your files. Scammers will often be able to access more information than what you have entered on any website because clicking the links or attachments may have given them backdoor access to your system.
Bank or Personal Details
Beware if the email requests you to re-enter any bank or personal details without any valid reason. This would include details such as your credit card number, Social Security number, credit card security code, PIN, your mother’s maiden name, or any other security answers that you might have used. Reputable companies do not ask for such information to be provided through email.
Be wary even if the email seems legitimate and the address is similar to that of companies or institutions you normally receive regular messages from. Fraudsters have often been known to take painstaking steps to make sure they have created effective imitations of legitimate messages.
Nowadays, fraudsters are becoming more adept at sending out scam emails that are largely error-free in terms of spelling and grammar. However, it is still important to be vigilant for such tell-tale signs. It is more common for fraudsters to send out emails that lack consistency. These emails will often contain mismatched logos and many different styles and sizes of fonts. Messages sent out by legitimate companies would usually be composed by professional writers and thoroughly rechecked for spelling or grammatical errors.
It may be of interest to note that the poor spelling, grammar, and presentation of phishing emails are often done deliberately. This is because scammers usually consider the most gullible of people to be the best targets.
Pressure to Act Fast
Scammers will often try to put undue pressure on you with exclusive, time-sensitive offers. Do not fall for this. Take as much time as you require to make all the necessary checks. You are better off missing out on a genuine deal than taking the risk of losing your money or compromising important personal information.
Some emails may even go to the extent of trying to induce panic in the minds of recipients. The message may “inform” you that your account has been compromised, and the only option to ensure you are safe is to key in your login details after following a link in the email. Or, it may warn of closures of an account should you fail to act immediately.
Make sure to take some time to consider if the requests are reasonable. It is probably a lot safer to simply discard emails that seem suspicious.
Offers Too Good to Be True
Some scammers try to entice unsuspecting victims by promising them immense financial rewards in the form of lottery prize winnings. They may also make claims that a foreign government official or other important person requires your assistance in the transfer of funds and will promise hefty sums of money for your help. In that case, should you fall for such a scam, you’ll want to know how to get your money back after a scam like this.
The most infamous and perhaps even the longest-running variety of this sort of scam is the “Nigerian Prince” scam. In this version, you will be contacted by individuals who claim to be from a royal family. They will offer you a share of a great investment or claim they need your help to transfer a large fortune out of the country.
Once you are hooked, they will request your bank account number along with a small advance payment which will supposedly facilitate a smooth transfer of funds. Once you agree to this, they will disappear with your money or even siphon off your entire bank account.
Some scams will even make claims as incredible as the possibility of inheriting millions of dollars from a hitherto unknown relative.
Verify With Genuine Organizations
In case you are still not sure if the email received was sent by a scammer, you can directly contact the company, brand, or government department mentioned in the email either through their social media handles or on the “contact us” page on their website and verify whether they sent it.
Also, don’t forget to check the company or brand’s customer service and help pages. In many instances, big companies may be aware that scammers are using their name and brand to entice unsuspecting targets.
Common Phishing Scams
While phishing scams may come in countless forms and varieties, there are some scams that are significantly more common than others.
Suspended Account: You may receive emails informing you that your account has been temporarily suspended due to some unusual activity. If you have received such an email from a bank that you do not have an account with, delete it promptly. However, it may be harder to spot fake emails from a bank with whom you do have an active account. You can use the methods mentioned earlier in this article to determine the authenticity of the message, or simply contact your bank directly.
Authentication Fraud: Two Factor Authentication (2FA) is a popular method of protecting your accounts and other personal information. It involves using things such as Google Authenticator codes or secret SMS codes to gain access to your various accounts online. Phishing con artists are well aware of its rising popularity and are very likely to take advantage of what is supposed to be an additional security feature. Do not entertain any requests to provide your 2FA password for any of your accounts, especially those you have not accessed for a significant period.
Tax Refund Fraud: Everybody understands the importance of tax season. Email fraudsters are all too aware of this as well and will use the opportunity to con you by sending you fake emails regarding IRS refunds. Remember, the IRS only uses regular post to contact taxpayers, so beware of any emails stating that you are eligible to receive such tax refunds. Tax refund scams are especially dangerous and potentially harmful since they also request your social security number in addition to your bank details.
Order Confirmation Fraud: Some cybercriminals may attempt to con you by mailing you fake order confirmations. Such messages will often contain attachments or links to fraudulent receipts which claim to contain additional information about your order. However, crooks often use such links and attachments to infect the target device with malware and other malicious software.
Moreover, if you’ve discovered you’re a fraud victim and live in California, you’ll want to find the CCPA email address to report it.