Recognizing Email Scams
Email scammers use several strategies to bypass email defenses and trick users into divulging information or running malicious code. Some types of scam emails include a link to an attacker-controlled malicious website where the attacker collects sensitive data from victims. When one method stops working, attackers often revise their approach to improve the number of targeted users affected by their email scams.
Red flags of an email scammer:
- Claims that you must log into a website or your account will be closed. This tactic includes a link to an attacker-controlled website.
- Claims that your payment information is invalid and you must log into your account and change this information to keep the account active.
- Claims that your personal information is inaccurate and you must directly submit this information the the sender of the email either by using a reply message or linking to a website.
- Attaches an invoice for payment.
- Conveys a sense of urgency or confidentiality.
- Claims that you could receive a government refund and asks for sensitive data such as social security number.
- Requires you to submit private data to obtain free products, coupons or money.
Here are a few examples:
Advanced Fee Scam asks for your help to recover money offering a percentage of the funds.
Email account upgrade scam is basically that your account will expire unless you respond.
The fake invoice scam is where it looks like you bought something and asks you to call customer service to cancel the order. They will ask you to verify your credit card.
