Email scams and phishing attempts evolve constantly, hoping to take advantage of the latest topics or trends, and at this time of year the perpetrators know full well that our inboxes are chock-block full of offers from every store or website we have ever shopped at or considered shopping from. Easy for them to sneak in a festive looking scam disguised as one of our favourite sites, to catch us unawares.
There are some warning signs that the people behind them that fortunately seem to crop up over and over again. Below is a list of some of these warning signs but is by no means definitive; usually common sense is the best tool.
Click-through web links in the message
Do not trust links to web sites in emails. What might look like a legitimate address is often linked to either a third party site that looks official or a legitimate site that has been compromised. If the e mail looks as if it main contain an interesting offer simply go to the site via your search engine, if it's a genuine offer you'll find it there anyway (yes, I know the e mail said it was exclusive to you as a valued customer, but they say that to all the girls!)
Attachments from someone you don’t know
Don't open an attachment from someone you don't know – even if it appears to be your bank or credit card company. It's almost always a virus or spyware meant to steal your personal information.
Generic greetings
If your bank or credit card company is writing to you then it knows who you are, so do your friends and colleagues. Be wary of 'to our valued customer' or even 'hi mate.'
Red-flag phrases or references
Typical phrases include 'verify your account', 'you have won the lottery' or 'respond within X hours or your account will be closed.' Another way to recognise a red-flag phrase is if it contains a reference to something that is not relevant to this country such as a W-5 form which is actually for the United States Inland Revenue.
Outdated information
The email that you have just received may look odd because the information appears to be out of date. If it is, then be on guard. A good example is if the list of people in the 'To' or the 'cc:' fields contains email addresses of friends who have no connection (eg, your Facebook friends who may know you but not each other) or in business e mails, colleagues who have left the company.
Textless emails
Some legitimate looking emails are actually just images. The danger with these is that by clicking anywhere on the message body will usually takes you to a compromised web site where the hacker could either fool you into entering information or deliver spyware onto your machine.
Personal information requests
No legitimate organisation will ask you for your National Insurance number, bank account details, PIN number for debit or credit card by email. And none should include a link sending you to a form to enter it. No matter how authentic these emails look never use any links in them, always open your browser independently and enter the address you know is the correct for that particular organisation.
Market research
Another classic that goes way back. You may be asked to complete a survey or enter a contest to win an iPad but first you have to provide some information or logon to your account.
Typos or spelling mistakes
Many scammers appear to have either a poor grasp of basic grammar or barely speak English. Look for tell tale signs like confusing 'your' with 'you’re' or 'their' with 'there' etc. Look out for missing full stops or inappropriate hyphens. It would appear many scammers forget to turn their spell checker on.
Remember the golden rule, if something looks too good to be true, it almost certainly is... if in doubt, delete.
