The prevalence of email scams is at an all-time high, and the methods behind them continue to get more sophisticated. Micro and small businesses are vulnerable to scams and incur massive losses every year. Because of this, increasing digital literacy is now more important than ever so that individuals and small businesses can operate safely online.
Do you know how to spot a scam email? Let’s get into it.
What is a scam email?
Scam emails are a way for cybercriminals to trick you into giving them personal information, money, or both. They send fraudulent emails pretending to be from large organisations you know, such as banks, telcos, insurance, businesses, or the government.
There are broadly two types of scam emails:
- Phishing: Scam emails requesting payments, financial information, logins, or passwords.
- Malware: Scam emails that entice you to click malicious links and attachments that can harm your computer or enable a scammer to spy on you.
Why do cybercriminals use scam emails?
Cybercriminals use scam emails because they are easy to produce and can result in huge financial gains. In 2024 alone, email scams made up over 90,000 reported incidents and over $47 million in losses.
Email scams range in sophistication, from poorly constructed blanket emails to highly detailed spoofs of legitimate institutions. The key idea behind all scam emails, however, is to create a sense of urgency or panic so that you are more inclined to click on a link or share sensitive information. Scammers play off our insecurities and desires for a more secure financial future by promising or threatening it.
Tips to avoid scam emails

To avoid scam emails, you need to be vigilant with your approach and have an attitude of healthy scepticism when trawling through your inbox. A good way to deal with any unsolicited email is to use common sense and a cautious attitude. Remember, the scammer is trying to appeal to your sense of urgency and get you to act quickly. You’re already one step ahead by slowing down.
1. Verify email address
Always verify the sender’s email address in the header of an email. Legitimate emails from institutions will generally have their own domain address (e.g. emails from Reckon always end in @reckon.com).
Beware of email addresses or domains where the name is misspelt, altered, or attempts to mimic a legitimate email. A scammer might also mask or spoof the email header so that at a glance, it looks like it’s from an institution or someone you know. Always double-check the email address.
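The sender checks described above can also be automated against a raw From: header. The following Python example is added here and is not part of the original article or any Reckon tooling; `TRUSTED_DOMAINS`, `check_sender` and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: the domains you genuinely expect mail from.
TRUSTED_DOMAINS = {"reckon.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch misspelt look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header: str, trusted=TRUSTED_DOMAINS) -> list:
    """Return the red flags found in one From: header (empty list = none)."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if "@" not in addr or not domain:
        return ["no parseable sender address"]
    # Exact domain or a genuine subdomain (mail.reckon.com) is accepted.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return []
    flags = []
    for t in sorted(trusted):
        brand = t.split(".")[0]
        if t in domain:
            flags.append(f"{t} is embedded in unrelated domain {domain}")
        elif edit_distance(domain, t) <= 2:
            flags.append(f"{domain} is a near-miss of {t}")
        if brand in display.lower():
            flags.append(f"display name mentions {brand} but address is at {domain}")
    return flags


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    "Reckon <accounts@reckon.com>",
    "Reckon Billing <accounts@reckom.com>",
    "Reckon Accounts <pay@reckon.com.verify-login.example>",
    "IT Helpdesk <it@unrelated.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header) or "no red flags from these checks")
```

An empty result only means none of these checks fired; a spoofed header can carry the exact trusted domain, so the content checks in the following tips still apply.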
2. Verify the content of the email
The content of an email is very telling. If you receive an unsolicited email, you should already be cautious. This is where you can afford to be sceptical. If you read something and it’s too good to be true, it often is. If you receive a rather aggressive message trying to coerce you to take immediate action, hold off, verify if the message is legitimate, and don’t click anything.
3. Do not give away information
If you receive an email requesting financial information, passwords, or login details, do not give them. This type of request will generally be prefaced with an urgent message that will try and get you to panic. The scammers are trying to get you to act hastily by playing against fears of financial loss.
4. Check spelling and grammar
Spelling and grammar can be a dead giveaway if you’ve received a scam email. You’d easily forgive the odd auto-correct mistake from an auntie, but not from your banking institution. With any spelling, syntax, and grammar errors in a message you receive, think to yourself, “Would I send an important email with basic spelling and grammatical errors?” No, you wouldn’t. This is where being vigilant and applying common sense and caution can save you from trouble. Think before you click.
What do I do if I’ve received a suspicious email?
There are a number of things you can do if you have received a suspicious email. Any one of these actions is an appropriate measure to take.
- Avoid opening suspicious emails – delete them directly from your inbox.
- If you get a suspicious email, don’t reply to the email or open attachments or links.
- If you click on a link in an email and are directed to a website, do not enter any personal or financial information into the site.
- If you have opened an attachment or clicked on a link, ensure your computer’s operating system and anti-virus software are up to date.
- If scammers have been successful, they may try to get more money. So stay aware of follow-up scams.
- You can always contact a company via their official contact details to confirm an email’s legitimacy.
Example of a scam email
Below, you will find an example email that showcases multiple red flags that should raise doubts about the legitimacy of the sender. Not all email scams will contain these examples, so it is important to know which is which so you can act appropriately.

With these tips, you should have the tools to spot an email scam if you receive one. At Reckon, we take our security seriously by ensuring our customers and their information are safe and that our accounting and payroll software products are secure.