COVID-19 Update: Despite Covid-19 it is very much business as usual at ramsac. Our team are working remotely to continue to deliver the industry leading IT support and project work you expect from us. Please get in touch to find out how we can support your business or check out our Covid-19 resources.
Posted on September 11, 2020 by Louise Howland
Among the many ways that cybercriminals try to target people is via email scams. Having been around for a few decades now, it will be no surprise that email scams have become increasingly sophisticated. Nowadays, cybercriminals act quickly and create email scams that reflect current affairs, which recipients might be drawn to, such as those relating to coronavirus throughout 2020. Make sure you stay one step ahead of the game by understanding how email scams work, we have listed 5 example scams to help you recognise email scams.
Cybercriminals know how to tap into people’s fears and desires, which is why these types of emails always contain some kind of appealing messaging. Among other attractions, these could relate to obtaining information, great discounts, or other financial incentives.
Getting someone to open an email scam is just the first step, however. The next is to actually obtain personal information or unleash a virus. This can be done in various ways:
The trick behind how email scams work is that they tend to rely on the naivety of the reader. The cybercriminal who has sent the scam has done so in the hope that the recipient will provide information willingly, which will then be exploited. For a better understanding of how cybercriminals operate, learn more about how to think like a cybercriminal.
Unfortunately, there seems to be almost endless types of email scams out there. From out-of-the-blue contact from an unknown email address, to those that look to be from an ordinary, reputable source. It’s never been more important to be on guard when it comes to email communication. Knowing how to spot phishing emails can be tricky, but to help, be aware of the following five common email scams.
To quickly attract attention, and increase the chances of an email being opened, cybercriminals will often use tricks to make a reader think they are due some money. This can be recognised straight away because the subject line will often mention a financial incentive. There are a range of these sorts of emails out there, including:
If you receive an email that mentions any of these, and you’re not expecting it, it’s likely to be a malicious email that you should not trust.
Another common way of tapping into people’s vulnerability is to imitate a trusted source. Many cybercriminals are aware of the kinds of businesses and official bodies that are commonly used and trusted, and will impersonate such groups knowing that the recipient will either be curious, or worried about ignoring it. All the following have been known to be impersonated by cybercriminals:
Emails that look to be sent from these kinds of sources tend to look very convincing, and many recipients are indeed tempted to believe their contents. It can be hard to tell if an email is genuine, but look for errors such as spelling mistakes and incorrect logos to help. Also be aware that it’s unlikely that such official sources would ask for personal information via an email in this way. If you have any doubt, get in touch by phone with the genuine company or official body for confirmation.
It’s also known that cybercriminals often try to tap into people’s desire for a discount. Another common email scam is one that offers a product or service, either at a fantastically low rate, or offers something that’s hard to get hold of.
Depending on the cybercriminal and their knowledge of your internet activity, such emails might advertise something you’re in the market for – such as a discounted car or insurance – or they could contain something illegal. There are many email scams out there claiming to offer illegal substances or services in a ‘discreet’ or ‘undetected’ way.
Any email that fits this description is likely to be from an unreliable source and should not be trusted.
Tapping into a recipients’ fear, some cybercriminals adopt the guise of a utility provider chasing payment. In this case, the email is likely to be worded in a professional yet stern manner, causing the reader to feel gently threatened into making a payment. The email could be from any kind of provider, including:
Should you ever be on the receiving end of this kind of email, be sure to get in touch with your provider to clarify the situation, and report the email scam.
Sadly, at the moment, coronavirus-related scams are being sent out all the time. Again, exploiting people’s fear, these kinds of email scams could mention all kinds of incentives to encourage a reader to click on an untrustworthy link. Look out for requests for personal information or bank details in relation to:
COVID-19 scams don’t look to be abating any time soon, as the world remains so affected by this pandemic. Be aware of these, and question any emails you receive about coronavirus – no matter how official they look.
As well as understanding what kinds of email scams to look out for, another common question is ‘how can there be an email scam from my own email address?’ This kind of email scam is known as ‘spoofing’ and unfortunately, it’s fairly easy for a cybercriminal to do.
Some email providers enable a sender to change the ‘from’ field of an email to any email address they like, so a cybercriminal would only need to be aware that your email address exists to then use it. To find out if an email address exists, a cybercriminal simply needs to buy or obtain information that has been gained due to a data breach.
The reason why a cybercriminal would opt to send an email scam from your own email address is usually to frighten you. The email would likely warn you that your account has been hacked (which might not be the case), and will only be protected again after you pay a ransom.
Email scams are unfortunately an effective method for cybercriminals, because a significant number of recipients fall for their tricks. In addition to knowing what to look for in an email scam, it’s important for people to be educated on the importance of a human firewall – especially in a business setting. In order for systems and data to be properly protected, all those who have access should be trained in how to defend against cybercrime. Learn more about effective human firewalls, or get in touch to arrange cybersecurity training for more knowledge.