Email Scams 101: How to Spot and Avoid Suspicious Emails

Why are they dangerous? Because most, if not all, of our accounts, are tied to our email. There’s also a ton of private information lurking in your email. You communicate with your financial institutions and manage passwords and validation across all of your accounts. With so much happening in your inbox, there is the potential for scammers to try and scam their way in. So how do you recognize potential email scams? Email scams have existed since the early days of email. At this point, the Nigerian Prince scam has become a part of our cultural lexicon. We all know the email scam of ingratiating foreign royalty politely asking for money with the condition he will give you double what you give him once his money’s released. But now, email scams have had to advance to keep up with the times. There’s an ever-growing number of ways hackers and cybercriminals try to scam you. They do that using social engineering. Social engineering is the conning aspect of these scams. Hackers and cybercriminals capitalize on your greed, excitement, or vulnerability to get you to give up personal information. They manipulate you to click on a link or download a file. They can convince you to give up personal information or click on a link to a fake version of a website to steal your password. Social engineering is a blend of psychological manipulation and technical know-how. It’s why some hackers use generic messages so you think your ex really did send you a photo from their vacation. You think your co-worker sent you a link for the presentation or that your assistant needs a password. You comply and boom your computer is infected or your information stolen. Phishing is a form of email manipulation. You get an email from someone asking for money or information. Spear phishing is when hackers use a “spear” to make their phishing scam more legitimate. They’ll send emails that appear to be from real sources like your bank, the IRS, a friend, or a colleague. They may even have some information about you to use as the “spear” for you to take the bait. With the amount of spyware, adware, and information publicly available on social media, it’s easy to convince someone that something is official with information they do not know they’ve shared. Now how do you avoid these scams? Sadly, there is such big business in getting your information it’s gone international. Hackers can be anywhere in the world itching to get into your private messages. When you click on an email, it’s important to take that extra few seconds to fully process what you are reading. Hackers are leveraging the fact that you are probably zooming through messages and not paying 100% attention. An email scam will usually seem a bit “off.” The text and flow may sound awkward and stilted. The language could also be super generic.  This is because someone is using a form email. Or it could be because a hacker in another country translated it incorrectly. If the language sounds off in any way ask your friend, colleague or family member before doing what’s in the email. Email is not the safest way to communicate private information. The information is encrypted. But there are multiple touchpoints where hackers can intercept the information. A good rule of thumb is to note that government agencies like the IRS and other financial institutions, like your bank and credit card, use email and the internet as a one-way channel. They send you information but do not ask for any back…especially via email. They will not conduct transactions via e-mail and official correspondence will often correlate with a letter in the mail or telephone call. When reviewing emails, it doesn’t hurt to double-check who is sending an email to you. Keep an eye out for anything that seems off. If the communication is supposedly from your bank, most likely there will be a notice online when you log into your account. Many emails will have links with a URL you cannot directly see. What seems like a legit email from a financial institution or business you frequent could send you to a dummy site to steal your login or credit card information. It’s important to double-check. Most businesses will include any coupon code or offer information. You are welcome to sign into your account on your own and then corroborate the information in your email against that. Automatically clicking on links increases the potential of malware. Even legitimate emails from your favorite brands and businesses could potentially have spyware or adware attached so click responsibly. Depending on your email settings, especially if you have an iPop account or mail program on your computer some email attachments can automatically download. These attachments can put you at risk for malware or hack attacks. It’s simple enough to double-check with a friend or colleague that they sent you an attachment. What makes social engineering so insidious is often people do not know they have been hacked or that they are being impersonated. This double-check can help save their entire address book from attack and spare a ton of drama and heartache. Be mindful of what you are sharing or being asked to share via email. This is not only good practice for the protection of your cybersecurity and privacy, it will help you in avoiding most email scams. And remember, just because it’s in your inbox doesn’t mean it warrants your attention. Email scams have existed since the dawn of email. And they’re ever-advancing to keep up with our web surfing and social networking habits. Use these tips to help you keep an eye out for potential traps and common mistakes. Scammers will never really go away, but you can arm yourself by staying informed and alert to suspicious-looking things in your inbox.