Internet, Networking, & Security Antivirus How to Detect Scam Emails Learn how to detect a scam email and take steps to protect yourself By Nicole LaMarco Writer Nicky LaMarco has 15+ years' experience writing about web hosting, antivirus, backup software and other technology for publications like Tech Republic and Web Hosting Sun. our editorial process Facebook Twitter LinkedIn Nicole LaMarco Updated November 26, 2019 Antivirus Browsers Cloud Services Error Messages Home Networking 5G Antivirus VPN Web Development Around the Web View More Tweet Share Email Email scams have been around for years and phishing is a type of email scam. Between 2010 and 2014 alone, phishing incidents increased by more than 160%, costing businesses around the world billions of dollars and affecting more than half of internet users. Learn how to detect scam emails and phishing scams and protect yourself. What Are Email Scams? Email scams are any scam that uses email as its main vector. The most common email scam is the phishing scam, followed by the spoofing scam. Phishing is a type of scam where the scammer is trying to get sensitive information from the would-be victims.Spoofing involves making it look like an email came from a legitimate source. Quite often the two are used together to craft elaborate scams. How Do Scam Emails Work? These scams first find their way into your inbox, and seem to come from a legitimate source. They often come in the form of messages about some great opportunity you need to take advantage of immediately, or some kind of emergency or problem that you need to handle and resolve. Lifewire / Theresa Chiechi There is almost always a sense of urgency that's designed to motivate you to act immediately without thinking. The scammers know the more time you spend before you take action, the more thinking you’ll do and the easier it will be for you to spot inconsistencies in the email and get suspicious. The idea is to get you to act on a sense of urgency, and usually involves clicking some kind of link that will bring you to the scammer’s website, where you're asked to login to your account or perform some other action designed to get your personal data. Sometimes just clicking the link downloads malware to your computer, where it will wreak havoc. The same happens if the email includes some kind of attachment, which will typically be malware you unwittingly download onto your computer when you open the attachment. Regardless, once you give out your personal information, such as your phone number, social security number, bank account number, or pin, it will be used by the scammer for fraudulent purposes. How Do Email Scammers Find Victims? Email scammers usually buy email addresses in bulk on the dark web. Whenever you hear of a massive data breach affecting large companies, it's likely the compromised emails are going to be sold on the black market. In other cases, scammers find your email through a trial and error process where they try many different possible names. Whichever method is used, you’re almost guaranteed to receive at least one email from a scammer in your lifetime. Over half of the internet receives at least one phishing email every day. How Do I Avoid Getting Involved in Email Scams? Your greatest defense is to cultivate the ability to spot these emails. Here are some useful things to look out for that will tell you whether you’re dealing with a scam email. The Domain is Public Unless you’re dealing with an individual worker, most official emails from organizations end with the company’s domain. Google, for example, uses “@google.com” while most universities will use “@university.edu”, where ‘university’ is often the university name or abbreviation. If the email address ends in a public domain, you’re most likely dealing with a scammer. Spoofed Display Name Before you open the email, the display name and the “From:” field might include the name Google. However, if you look at the email address, you'll find that the email has nothing to do with Google. Spoofing a display name is pretty easy over email, with scammers choosing which display name to show, even when the email address is totally bogus. Most people also trust display names, believing them to be from a legitimate source without actually checking the email address. A Misspelled Domain Name Sometimes the domain name can seem legit at first sight. It might look like @microsoft.com from a distance, but it's best to look closely. For example, microsoft.com might be spoofed as "mircosoft.com" or "micosoft.com" or some other variation. They look eerily similar, but two are fakes. When checking the email address from a sender, even if it looks legitimate, be sure to look closely to see if you’ll find any misspellings in the domain name. The Email Is Full of Grammatical Errors A legitimate email from a company will often be revised and proofread to ensure that it is grammatically correct and free of typos. Most emails from scammers are full of typos and grammatical errors. When you’re looking at a suspicious email, pay less attention to the typos and more attention to the grammatical errors. Even native speakers make typos. Many grammatical errors found in scam emails are of a nature that only a non-native speaker would make. They are obvious and will give you that suspicious gut feeling that tells you something’s not quite right. How Many Recipients Are There? Usually, when scammers send their emails it’s an automated process. They get a large number of addresses and send a bulk message to all of them. You might find that the “To:” field in the email has your address as well as many others. That should immediately raise a red flag. When a legitimate company wants to send you a personal email, they don’t tag a bunch of other addresses in the email. It is typically for your eyes only. Suspicious Links and Attachments Many scam emails contain suspicious attachments and links in them. Never open the attachments from such emails because they are most likely harboring malware that will infect your computer. If you want to verify whether the attachment comes from the true source or not, simply contact the sender in some other way, such as phone or IM, and ask them about it. Do not open the attachment. Sometimes links are hidden behind a button in the email. In that case, hover your mouse above the link, and look at the URL revealed in the bottom left-hand corner of your browser. If the URL looks suspicious, don't click it. Instead, contact the sender via some other method and ask them about the legitimacy of the link. A Sense of Urgency Oftentimes the message will try to invoke a sense of urgency. They will tell you that your account has been compromised and you need to do something immediately to save it, or that you are the winner of some lottery you don’t remember signing up for and you need to act quickly to collect your reward. When you see this, you should know that you are definitely dealing with a scam. Criminals will do anything to get you to act naively, including creating a false sense of urgency to get you to act without thinking. I’m Already a Victim. What Should I Do? If you've already been scammed and it happened on a computer at work, report the incident to the IT department or your boss. If it’s on your home computer, report it immediately online. You should also immediately take steps to protect the compromised accounts, such as changing your password or alerting Google, your bank, or whichever platform you opened the account on. If your credit card details have been stolen, contact your bank and ask them to freeze your credit card immediately. Ultimately, you should share these scams with others by reporting them so they can be further investigated and prevented in the future. But your greatest defense, by far, is to know how to spot them in the first place. How Do I Avoid Being Targeted for Email Scams? Unfortunately, just owning an email address makes you a target. Change your password on a regular basis and make them strong. Strong passwords have upper and lowercase letters, at least one number, and at least one symbol. When you're aware of the scams that exist you'll be more likely to recognize them and report them.