Site icon Emsisoft | Cybersecurity Blog

Safe emails vs scams: the key differences

blog_main_email_scam

Over one billion consumers send and receive email on a daily basis. Of those, eighty thousand are victimized by scams everyday and a total of four million people fall prey to scams annually. It is essential for everyone to learn to differentiate a safe email from a potential scam because carelessly opening attachments and messages may leave you facing the aftermath of financial loss and identity theft.

45% of users are fooled by email scams and face financial loss or identity theft

According to Scamdex, these are the top five types of email scams that you need to watch out for:

#1) Employment scams – fake job offers (work from home)

These types of scams typically target people looking for or changing jobs. The majority of the employment opportunities on the internet are work from home jobs that promise a large sum of income for a small amount of work. Many employment offers as these are a form of check fraud which means scammers will illegally use a victim’s checks to borrow funds that do not exist within the account. You can often recognize these type of scams by the use of pictures with money or cars, testimonials, payment fees, and loud text.

Photo by Andrew Toskin, Flickr

Keep in mind that many work from home job offerings are often too good to be true. Use common sense and be on the lookout for job email scams that promise you a high wage for easy work or little work. Never give out your personal details to crooks sending you unsuspecting work from home career opportunities by email. Do not reply to the message, just discard it before scammers even have a chance to obtain your email address.

#2) Auction scams – fake messages from online shopping sites such as eBay and Amazon

Everyone loves shopping online. Unfortunately, scammers use the opportunity to rip off shoppers that may be unaware they are being scammed. Be weary of products advertised at a low price, poor ratings on an auction, completing a transaction outside of the auction, and a seller insisting on immediate payment.

Scammers pretend to sell a product at a very cheap price in order to steal your credit card and bank account details. Another trick scammers use in online auctions is entering a low bid followed by a very high bid using a different name on a product you are selling. Also beware of “miracle” products for sale online that seemingly provide unbelievable cures and weight loss capabilities.

Photo by Jett, Bet You Didn’t Know Blogspot

Always find out exactly who and what you are dealing with in online auctions and ensure payment methods are secure by using an https//: web address.  Also, take a look at the auction privacy policy and refund/returns policy to be sure everything seems fair.

#3) Phishing scams – fake messages from Paypal, social security administration, and banks

Of the 1% of users that lost money through phishing scams, 53% were not compensated by their bank and 11% say they are still waiting for compensation. According to research conducted by Google involving phishing attacks:

“Most of us think we’re too smart to fall for phishing, but our research found some fake websites worked a whopping 45% of the time.”

Photo by Quintana Hanson, Tax Refund

Phishing email scams often resemble official-looking messages from retailers, Facebook, banks, Paypal, and eBay. The messages often ask you to confirm details that warn you to take immediate action involving your account, such as confirming your bank account details. Most phishing emails contain special links that route you to genuine and spoofed websites. Do not fall for the massive number of  shipping label and package tracking scams that claim you have a package on its way by means of a popular shipping service such as Fedex or UPS.

Photo by Saidul A Shaari, Flickr

In order to prevent yourself from being a victim, you should never send money or give personal details to strangers. Keep a periodic check on your credit card and bank statements and shred all important documents containing personal information. Always log in to a website directly and don’t click on suspicious links within an email message.

Google also discovered that users may not have much time to recover or change their login information before hackers access their account.

“Around 20% of hijacked accounts are accessed within 30 minutes of a hacker obtaining the login info.”

#4) Lottery and giveaway scams – the foreign lottery, competitions, and free vacation giveaways

Lottery and competition scams promise a recipient a big prize or something else to win. These types of scams are delivered in a variety of ways including – over the phone, in person, email or by conventional mail. The scammer will present that you have won a substantial amount of money and that all you have to do to claim the prize is to send money to pay fees such as taxes, customs duty, shipping, etc. Typically, users’ requests to take the fees out of the winnings; but, always receive the same response from the criminals: “we cannot do that”.

Photo by Jamil Velji, Wikipedia

Be wary of vacation scams that promise you a free vacation which requires you to pay a supposed service charge or purchase a membership to a travel club. Always seek the advice of a financial or legal expert before sending money.

#5 ) Advanced fee fraud scams – Promises of sending money, products, services, and special deals

Advanced fee fraud is a popular email scam that is also known as upfront fee fraud. It is any scam that charges you a fee and in exchange promises to send you money, products, services, and special deals. In addition to this, you may also be asked to assist in removing funds from a country in turmoil or help law enforcement catch thieves.

The most prevalent type of scam that hit a massive amount of users is referred to as the 419 Nigerian Scam. A scammer typically will contact someone by letter or email and offer a share in a large sum of money which they want to export from their country. The recipient is then asked to pay money or give bank details to help with the money transfer. The victim must pay fees, charges and taxes to help release the money out of the country or bank account. The scammers continue to make up fees that you must pay before you can receive your money.

Image by Morburre, Wikipedia

Off course you will never be sent the supposed promised funds. According to the Nigerian Fraud Watch website, victims have lost a shocking 12.7 billion dollars due to this scam.

Users perceive emails by what they see with the naked eye

Four popular universities – University of Buffalo, Brock University, Ball State University, and University of Texas in Arlington – conducted a study and launched a phishing attack against a group of users. The purpose of this was to discover the psychological reason behind why people fall victim to phishing spam emails. They state:

Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.”

The study reached a few conclusions:

  1. Users only process what they see with their eyes and do not perceive the potential scam with their mind.
  2. Users make decisions to open and read an email based on captivating titles, graphics, testimonials, and matters of urgency such as “your bank account will be deactivated if you don’t respond now”. The element of fear also plays a part because a user is often scared by the title or content of an email without asking how this is possible or why is this happening.
  3. Urgency cues in an email stimulate information overload. Too much is often happening within an email and that leads to the brain processing too much at one time leading to an information overload. Use of catchy titles and influential content/graphics cause users to often miss an alert from their security product or a warning message from an email filter that could alert them and potentially flag the scam they are about to fall victim to.

“The findings suggest that habitual patterns of media use combined with high levels of email load have a strong and significant influence on individuals’ likelihood to be phished.”

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

How to avoid being victimized by email scams

Photo and content by Microsoft

Have you seen these type of emails scams going around? What other ones are you aware of? Have a great (scam-free) day!

Exit mobile version