Every day millions of scam emails are sent to un-expecting recipients. On your dash to work, it's easy to do a quick check and fall into the trap of clicking on a dubious link from an email to verify your Paypal account.
Scammers know this and play into our insecurities of being locked out of vital services we use daily.
Our guide on how to protect yourself from email scams will walk through some pretty simple steps you can take to make sure you don't fall into common traps.
Tip 1 – Always Use a desktop PC or Laptop if you're unsure
If the email looks slightly suspicious it's much easier to perform the checks outlined below on a laptop or PC. There's extra tools/techniques at your disposal to verify the identity of the person sending the email.
Tip 2 – Never open an attachment if you're not expecting it
Email scammers will often attempt to get you to open an attachment for an unpaid invoice or form to complete. If you open it, it then downloads a virus to your device for the scammers personal gain.
This may be in the form of paying them to fix the issue, stealing personal data or running programmes on your device that will generate them money from adverts.
If the email contains any attachment you're not expecting, just don't click on it and if necessary, contact the sender via phone to check exactly what the attachment is for.
Tip 3 – Don't click on links within the email
Even if the email sender appears to be known to you, be wary of clicking on any links asking you to login to your account. Email scammers are getting particularly good at creating very genuine looking replica websites for companies such as Paypal to then steal your personal details.
If someone has asked you to click on a link to do something, its better to just type the domain name directly into your browser (e.g. Paypal.com) so you can be sure it's the authentic website. If an action needs to take place, the'll inform you when you login and if nothing is required, you know the email was likely a scam.
Tip 4 – Check the sender is actually who they claim to be
It's surprisingly easy for a scammer to pretend to be from an established company like Paypal. When they create the email, they can add anything they want to the sender name (in much the same way you add your name to Hotmail or Gmail when creating an account).
The first step is to simply hit the 'reply' buton. This will then display details of the received message below the space where you're reply message would appear.
Instantly you should be able to see the actual email address the message was sent from. For example someone claiming to be from Paypal or Natwest may be using an email address such as natwest[at]casinosbogus.com.
Tip 5 – Check for basic spelling & grammar
As a lot of email scams originate form overseas, it's common to find multiple grammatical and spelling mistakes in scam emails as English isn't their first language.
It's also been reported that these mistakes are now sometimes deliberately made, to test how easy the recipient may be to scam as they clearly haven't paid much attention to the content of the email.
If the spelling sucks, it's unlikely to have come from a reputable company who have teams of people working on email campaigns and pay a lot of money to make sure the email content is perfect.
Tip 6 – Check the full message source
For the more technical among you, the final check you should do if you're still 50/50 on the authenticity is to check the message source. This is the coding behind the email and can be accessed in Outlook by right clicking on the email and selecting 'View message source'.
The file displayed may look like Latin to most, but it contains all information about the IP address the email was sent from, the server information and more. It can't be faked and is the most accurate way for checking whether an email is authentic.
Tip 7 – Phone the recipient
Last but not least, if it appears to be an important email and you're worried something may happen if you don't click on the link as requested or download an attachment, contact the company directly.
Either go to their website and get the phone number and email address, or go into a store/branch.
Never use contact details listed in the email as these could be faked. The staff will then be able to confirm if the email is from them and whether anything is required on your part.
Common Email Scams To Watch Out For
Emails from recipients claiming they're in for a windfall inheritance but need your help to get the money into a bank.
Emails claiming to be from Paypal/Amazon/eBay requesting you to change your login details (however it is a good idea to regularly change your password directly on these websites)
Emails claiming to be from a bank and requesting you to change your login details
Emails claiming to be from a small UK company with an attached overdue invoice
Emails claiming you've won a casino or bingo jackpot prize (if you don't gamble online, there's no way you've won!)
Emails claiming to be from HMRC that you're entitled to a tax refund and requesting you to complete a form (example below)
So what's wrong with this email?
1) Email subject line – 'service' is missing a capital 'S'
2) Sender name & address – no email address linked to the HMRC
3) Poor spelling – in the first line 'determinate' should be 'determined'
4) Urgency – it's unlikely the HMRC would use exclamation marks in any email correspondence
5) The dreaded link to a form
6) HMRC is not an incorporated company, as indicated by 'HM Revenue, Inc in the footer'