As we welcome another new year many people will be reflecting on the past year and setting goals for 2019. With email scams being so common, we want to provide you with the knowledge to be more vigilant in spotting possibly dangerous emails, so you can make your 2019 a safer one! Take a look at 3 key areas to review to help spot if an email may be a scam.
1. Addresses and Domains
Scammers are great at creating emails with branding almost identical to the actual organisation they’re pretending to be which is what makes it easy to fall victim. However, often the from email address is the giveaway. If it’s spam, more often than not, the email address won’t match the company’s domain and could look something like this:
In some cases, scammers can make it look like the email is coming from a genuine source. If the email address looks correct, try pressing reply and see if the ‘to’ email address changes. If it does, this is a sure sign that it’s a scam.
Rather than clicking on links to find out if the email is genuine, hover your mouse over the link to see the URL.
In the above example, if the email was from Amazon you would expect the link to ‘Your Account’ to be somewhere on www.amazon.com, instead the URL is something completely unrelated. If this happens DO NOT CLICK, contact the company directly to confirm if they made the request.
Poor spelling or grammar
Most established brands are meticulous with proofing emails to avoid grammatical or spelling mistakes. Therefore if an email is sent to you full of poor grammar and/or spelling mistakes it’s probably not coming from the company it says it is. This may not always be the case, but it’s another pointer to a potentially malicious sender.
How has the sender addressed you? For example, if it’s ‘valued customer’ or similar and claims to be from your bank it’s probably a scam. Banks and other legitimate businesses will often address you using your first and/or last name, and will never ask you to click on a link in an email in order to login to your account..
Scammers want you to act fast and irrationally to convince you to part with sensitive or personal information which is why a common tactic is to use language that invokes fear or urgency in the subject line. Examples of such include “Account has been suspended” “Urgent Action Required”, if you see this don’t panic! Take the same caution in reviewing the legitimacy of the email as you would with any others.
3. Topic / request of email
Asking for your personal information
Legitimate companies and banks will never ask for personal credentials via email, such as bank details, National Insurance number, memorable information, passwords or PIN. Always err on the side of caution, regardless of who appears to be asking for it. There have been cases where scammers have emailed accounts departments pretending to be the director at the same company to authorise payments. Contact the sender by phone (or even better face-to-face, see deepfake article!) before offering any personal information, or acting on any instructions.
Informing you of a change of banking details
If you receive a notification of a change of bank details be suspicious, even if this is from someone who regularly sends you accounts related emails. If possible, contact the sender via another method (e.g. phone) to check that the change request is genuine.
Asking for payment to a new recipient
It’s good practice that when sending money to a new recipient, use a secondary method to confirm that the details you’ve been given are legitimate. If possible – ask the sender to send account number via one method and sort code via another method.
In summary – be vigilant!
Scammers are continually finding new ways to catch us out with phishing tactics and are getting better at masking their identity. It’s a good idea therefore to remain vigilant with what arrives in our inbox. If something doesn’t seem right, or you have any doubt about the content or the sender then seek clarification from the sender or organisation! Even with the best email filtering systems, some scam emails will still get through. Following our advice will help mitigate the risks but only you can keep yourself 100% safe. Contact us for more information.