7 ways to spot an email scam
With technology a part of everyday life, it's like you have either received or heard about email scams. They are becoming increasingly common and more convincing as scammers use the names, branding and language of well-know companies, such as Netflix, nbn, Telstra, Facebook, Apple, the ATO and Australia Post, to try and trick unsuspecting recipients into revealing personal information, passwords and bank details.
Here are our top 7 tips for spotting a scam email.
1. Check the "from" address
While the sender name may seem legit, a scam email will usually have a pretty strange email address that it is being sent from. Click on the sender name or hover your cursor over it and the email address that the email is really coming from should appear.
2. Is the email subject line scaremongering?
Scam emails will try to hook you into opening them by using headings to worry you – “We found an issue with your account”, “Your user ID was used to sign in via a web browser” “Your account has been suspended”, or advising you about a purchase you know you haven’t made. If you are concerned about your account security, contact the company via the email or phone number you normally use for them, or visit the company’s website and access your account as you would normally, instead of following links within the email.
3. Is the greeting impersonal?
Does the opening of the email address you by name or how your emails from this company normal address you or is something more generic and impersonal like “Dear Client”, “Dear Customer” or “Dear Account Holder”. Sometimes scam emails might just open with your email address.
4. Is the language clunky or use poor grammar?
Most companies hire marketing and/or communication professionals to write and produce their emails, so their emails have a fairly consistent tone of voice and language. An odd typo or two is forgivable, but if the grammar, spelling and punctuation is repeatedly poor, or the language consistently clunky, with missed words, or not consistent with what you expect from the company, then it’s more likely to be a scam.
5. Are linked websites legit?
Email footers usually have some standard info, like links to privacy policies, contact information, addresses, ways to unsubscribe and so on. Can you actually click on the links? Are the websites hyperlinked in the email genuine? If you hover over a genuine link, the web address it leads to will appear in the bottom-left hand corner of your browser. If you accidentally click on the link, look at the web address that appears at the top of the page. Is it the same as the company’s webpage you normally use?
6. Does the email ask for personal, bank or log in details?
Most companies will never ask for personal or bank details via an email or ask you to supply log-in info, passwords, pin numbers or answers to security questions. If your online account information with a company has been genuinely, legitimately compromised they will usually ask you to visit your account on their website and change your security information yourself.
7. How accurate is the branding?
Scammers are getting smarter. The scam emails they send and the fake websites they create can look almost exactly like the real thing. However, if you look closely, there are sometimes basic errors in font style or size, spelling (e.g. Australian vs American English), colours or how the email is presented, which can give away that it's a scam. Does it look and sound like similar emails you have received from the company?