How To Spot Scam Emails In 2017
With news this week that internet users are once again being fooled by fake Australia Post email scams, it’s a pertinent reminder to us all to check our habits. Because while some emails are so hilariously bad that they are an obvious phishing scam (like our good friend, the Nigerian Prince), others can be more convincing. So if you’re after some reminders on how to spot scam emails, check out our top tips below.
Beware of Forms That Require Passwords or Sensitive Information
Recently a friend of mine was sent an email from ‘Facebook’ notifying her that her business page had been reported, and was being shutdown. Thankfully though – according to the email – the solution was pretty simple. All she had to do was click a link to rectify the issue and confirm the page belonged to her – or so she thought. Upon clicking the link, she was taken to a page that looked pretty much identical to Facebook, but asked her to upload her credit card details to confirm her account. It was at this point that my friend listened to the nagging feeling in her stomach, took a few screenshots, and decided to ask some friends before going any further. It’s lucky she did, because when we looked into it, there were several red flags. Mainly, the subtle spelling errors and awkward phrasing in the email.
At the end of the day, a site should never email you requesting credit card details be entered. Always contact the business by phone, or open a new tab and go directly through their real website, before giving away any sensitive information or payment details.
Always Check The Domain URL
One of the simplest ways to spot an email scam, is to look at the full address of the emailer, or the website URL. For example, in the case of the recent Australia Post scam, the emails were reportedly directing users to a website that used the suffix ‘.tk’ instead of .com.au – which was a good giveaway that it wasn’t legit.
If you’re on your PC, just hover your mouse over the email field or website to see the entire address. If it’s different to the website they’ve listed, or you don’t recognise it, don’t click. Do a quick Google search for the actual company and take note of their real address.
Trick The Scammer With A Fake Password
If you click on a website link that you’re not sure of, and it asks you to sign in, use a fake/incorrect password to do so. If it logs you on with the wrong password, then those alarm bells should be ringing pretty clearly now! Back away from the website immediately.
Note: According to Yahoo’s security and phishing tips, sometimes a phishing site will still display an error message regardless of whether you enter an incorrect/correct password, so go with your intuition and don’t just rely on one method of verification.
Other dodgy things to look out for, include:
- Offers that seem too good to be true.
- Emails that start with ‘Dear Madam,’ instead of your name.
- Email attachments – generally word docs.
- Awkward grammar or spelling errors.