What are the most common email scams and how can I avoid them?

How can I stop myself from becoming a victim of email fraud?

Email scams, also known as phishing scams, are the most common form of cyber crime, with over 3 billion spam emails sent every day. In fact, almost half of all emails sent in 2022 were spam. Younger people are at risk from being targeted by email scams, with data showing that Millennials and Gen-Z internet users are most likely to fall victim to phishing attacks.

These types of email scams are designed to trick individuals into giving away their personal and financial information, often by impersonating a trustworthy organization or individual. In this Guide To, we will explore the different types of email scams, how to identify them, and what you can do to protect yourself.

Email scams: a quick summary of what you need to know

Email scams, also known as phishing scams, are a type of online fraud where criminals send fraudulent emails that appear to be from a legitimate source in order to trick the recipient into providing sensitive information or money.
Phishing scams are one of the most common types of cyberattacks, with millions of people falling victim to them each year.
It’s not just the elderly or non-tech-savvy that are at risk from email scams, digitally literate and digitally native internet users aren’t immune from the risks of sophisticated phishing attacks.
The most common types of email scams include fake job offers, lottery scams, and requests for financial assistance.
Scammers often use social engineering techniques, such as creating a sense of urgency or fear, to manipulate victims into responding to their fraudulent emails.
Email scams can be difficult to detect, as they often appear to come from a legitimate source and use sophisticated techniques to mimic the look and feel of a real email.
Some email scams are more sophisticated than others, with scammers using advanced tactics such as spear phishing to target specific individuals or organizations.
Email scams can have serious consequences, including financial loss, identity theft, and damage to an organization’s reputation.
Protecting yourself from email scams requires a combination of education, awareness, and technology, such as spam filters, antivirus software and parental controls.
If you suspect that you have received a fraudulent email, it’s important to report it to the appropriate authorities and take steps to protect your personal information.

What are the different types of email scams to look out for?

There are many different types of email scams, but most fall into the ‘phishing’ category. These are the most common types of email scams. Phishing scams are designed to trick you into giving away your personal and financial information. They often appear to come from a trustworthy source, such as a bank, a credit card company, or a social media platform. Some email scams are more personalized and nuanced, such as Facebook and Zelle email scams, which we will cover below:

Delivery or FedEx Email Scams

Our love for online shopping has given rise to a new form of email scam. This type of cyber crime involves sending an email that looks like it’s from one of the popular delivery services about a parcel you are expecting. This will often contain links and ask you to update or pay for taxes or duties to release a parcel. Sometimes it will look like a simple delivery update or a form of tracking information with an external link. Once clicked, the criminal has access to data, passwords or more. In an interview with USA Today, a FedEx spokesperson said, “Any suspicious text messages or emails should be deleted without being opened, and reported to abuse@fedex.com.”

Lottery Email Scams

Lottery scams are emails that claim you have won a large sum of money in a lottery or sweepstakes. To claim your prize, you are asked to provide personal information, such as your name, address, and bank account details. In reality, there is no prize, and the scammer is just trying to steal your information.

Job Email Scams

Job scams are emails that offer you a job or work-from-home opportunity. They often claim that you can earn a significant amount of money working from home, but first, you need to pay a fee or provide personal information to get started. These emails are always a scam and a legitimate employment opportunity would never get you to send cash in order to start work.

Tech Support Email Scams

Tech support scams involve an email or pop-up message that claims your computer is infected with a virus or malware. The email or pop-up will offer to help you fix the problem if you call a certain phone number or download a certain software. In reality, the scammer is trying to gain access to your computer and steal your personal information.

Paypal Email Scams

Paypal is one of the world’s most popular payment and invoicing platforms. As with all financial institutions and places where we store our money, it attracts plenty of criminal activity, including a variety of email scams. So much so, Paypal has a page of advice on the different types of scam and what to watch out for. These include invoice and money request scams where scammers will ask for cash for fake goods and services, overpayment scams where your bank details are requested for a fictitious refund, fake charities and even fake pre-paid postage label scams to obtain your personal details.

Paypal is one of the most targeted platforms for scammers and so it’s important to be extra vigilant to communications you receive via email from anyone purporting to be Paypal. If you believe you have received a scam email, always contact Paypal directly to report a phishing attack. The company advises the following steps:

Received a suspicious email, or message or been directed to a fake website? Forward it to phishing@paypal.com and then delete it.
Don’t reply, open links, download attachments, or call any listed phone number.

Zelle and Venmo Email Scams

Both Zelle and Venmo connect to your bank accounts and finances, making them a prime target for email scams. In 2022, Zelle users transferred $490 billion and its super-fast functionality means that once a payment is on its way, it’s almost impossible to stop it. It is also reported that banks refuse to pay back up to 90% of people who were scammed via Zelle, so it’s crucial to understand how to spot the most common phishing attacks and email scams via Zelle.

Using ‘spoofing’ tactics, scammers send emails offering bogus account upgrades that rely on gaining access to your account once you share your details. Once in, the hacker will log you out and steal your funds.

Aas Zelle is used for personal payments between individuals or small businesses, scammers have sophisticated means to scam their victims. One such example is through Facebook Marketplace. A ‘buyer’ will respond to a listing on the platform, enquiring after its availability. The scammer will pretend to be older or not very tech-savvy and request your details to send you money on Zelle. After this, victims then receive a spam email that appears to be from Zelle, for example ‘customerhelp.zelle@outlook.com’, which will ask the seller to upgrade to a business account or include a pay link.

To avoid these attacks, always ask for the recipient’s email address, not phone number as spotting typos is easier than fake phone numbers. Remember that you don’t need a Zelle business account to make and accept payments on Zelle.

Microsoft Email Scams

By gaining access to your emails, any scammer has the ability to hack much more of your online data. Microsoft, Gmail and Yahoo email scams can be really diverse, and scammers are increasingly creative when devising ways to get at your information.

Constantly evolving, a recent and widespread Microsoft email scam that is currently circulating is asking users to update their account to reactivate it. After clicking a link, or entering personal details, the account is then taken over by the scammers.

Amazon Email Scams

The most popular e-commerce platform in the world, with sales forecast to $1 trillion by 2027, it’s no wonder Amazon is frequently used by scammers for their email attacks.

Amazon email scams are diverse, with tactics such as delayed orders, missed payment details or tracking updates all common. In each example, the scammer will be directing you to enter personal information, click external links or download something.

If you’re suspicious at all about an email you have received from Amazon, forward it to stop-spoofing@amazon.com and delete it immediately.

Always look out for subtle signs like the email address containing unexpected characters, numbers or spelling mistakes in the text.

Facebook Email Scams

Facebook email scams are generally centered around hacking. The scammer tries to gain access to an account to spread more spam through your contacts, or send harassing messages.

Typically the spam email will ask you to update your password or login data and contain a link to click to do so. Facebook advises that any suspicious emails are immediately deleted.

Bank of America Email Scams

One of the nation’s most used financial institutions alongside JPMorgan Chase, the Bank of America is no stranger to cyber criminals using its brand to email spam. Like many of the other examples in this Guide To, the goal of the email is to get you to share identifying and personal information that the spammer can then use to access your bank account.

Always stop to spot any communication asking you to provide personal information out of the blue or sending emails to tell you there are issues with your account, including refunds and tax rebates. Always call the bank directly to check with them that any requests are legitimate. Your bank should never contact you via email to request, or ask you to update, personal information or passwords.

Coinbase Email Scams

Coinbase is one the world’s best-known cryptocurrencies alongside Bitcoin and Ethereum. Like all these investment opportunities, email scams can be common. It has been reported that Coinbase customers received what looked like it was from an employee of the company requesting information due to what looked like suspicious activity with their account. This was in fact a phishing attempt to move their investments. It has also been reported that Coinbase employees themselves were victims of a similar security breach via a SMS message that asked them to log in to their email accounts.

How to identify email scams and protect yourself

Email scams can be difficult to identify, and they’re getting much more sophisticated using the exact colors,branding and tone as our favorite brands and businesses. And, if you’re rushing, or excited or concerned about the content of the message, it’s easy to fall victim to them. However, spam emails will never come from a legitimate source, and there are a few key things to look out for:

Suspicious Senders

Check the sender’s email address carefully. Scammers often use email addresses that look very similar to legitimate ones, but with slight variations, such as @g00gle.com instead of @google.com. If the email address looks suspicious, do not open the email or click on any links. Always revert back to the business using an email address you’ve found on its website to check the legitimacy of the communication you’ve received.

Urgent or Threatening Language

Scammers often use urgent or threatening language to make you feel like you need to take immediate action and generate a fear response. For example, they might claim that your account has been compromised and that you need to click on a link to reset your password or they may say you’re about to face criminal action or fines if you don’t rectify an urgent issue.

Requests for Personal Information

Legitimate companies and organizations will never ask you to provide personal information, such as your password, social security number, or bank account details, via email. If you receive an email that asks for this type of information, it is likely a scam. Always revert back to the business to double check the request and report the communication you have received.

Poor Spelling and Grammar

Legitimate businesses and well known brands hire copywriters, editors and skilled graphic designers to ensure their communications to you are as slick and engaging as possible. Scammers often use poor spelling and grammar in their emails. If an email looks untidy, or contains spelling or grammatical errors, it is likely a scam.

Unusual Requests

Be wary of emails that ask you to do something unusual, such as download a certain software or wire money to a foreign bank account. If an email request seems unusual or suspicious, it is best to err on the side of caution and delete the email.

What to do if you believe you’ve received a scam email

If you believe you have received a scam email, here are some steps you can take to keep safe, prevent future attacks and educate other members of your family on how to avoid being scammed.

Do not respond or click on any links or attachments in the email. Scammers may use these to steal your personal information or infect your computer with malware.
Mark the email as spam or phishing, if your email client allows it. This will help to prevent similar emails from reaching your inbox in the future.
If the email appears to be from a legitimate organization or company, contact them directly to verify its authenticity. Do not use any contact information provided in the suspicious email, as this may be part of the scam.
Check your accounts and credit card statements for any unauthorized activity. If you see anything suspicious, contact your bank or credit card company immediately.
Consider reporting the email to the appropriate authorities, such as the Federal Trade Commission (FTC) or the Anti-Phishing Working Group (APWG).
Educate yourself on how to identify and avoid phishing scams in the future. Look out for suspicious sender email addresses, poor grammar and spelling, and requests for personal or financial information. Digital literacy is an important skill for the whole family. Check out our Guide To Digital Literacy.
Add extra protection by installing parental controls like Kidslox on your children’s devices. By doing this you can block purchases, websites and apps and monitor what your children are using the internet for. Knowing you’re supervising their activity, and being a sounding board when navigating the online world will help your child be a more responsible digital citizen.