Spot the Scammer

I don’t know about you, but lately there have been more and more spam emails getting past my filters and taking up my time. Some of them are funny, but some of them look scarily like real emails from real companies.

While you can just bin the emails or flag them as spam, it can be good occasionally to forward the offending missive to the company from which the email seems to be sent. Using contact information you have found yourself. Only yesterday I forwarded one off to Apple.

However, those pesky phishing emails, where the senders try to get information from you, or gain access to your accounts, are more than just annoying, they are criminal. This week I’m concentrating on information that will help you spot these potentially harmful emails, and details on how to report them. It may go a little way to help stamp out the spammers.

First, it may seem obvious but let’s have a look at…

help spot the scammers

How to spot a scam email:

 

Personal information

One of the main ways a phishing scam gets your information is by asking for it, for example asking you to verify your password, card number or other personal details. A legitimate company wouldn’t do this. Do not give away your information… if you think the email may be legitimate contact the company yourself… go to their website, look for the ‘Contact Us’ area and use the information there to contact them. If the email is real they will be able to confirm it, and will not think you are bothering them… it’s always better to double check. Do NOT use any information from the suspicious email.

Bad spelling and atrocious grammar

Real companies, especially those big companies that are often targeted by the scammers, wouldn’t send out emails with bad spelling and grammar. They certainly wouldn’t use lots of capitals and multiple exclamation marks!!!!

Dear customer

If the email isn’t addressed to you personally, it’s also probably spam. Companies such as PayPal, Amazon and other large players will address you by name. If the email is from a small company, the chances are they will also address you by name. If in doubt, contact the company directly.

Multiple contacts

If the email has been sent to multiple contacts, and claims to be from a company either telling you of something mega important (but they need you to confirm by clicking the link, or give them your details) or that you’ve been chosen to win a prize, it’s also a scam. Check to see how many people the email has been sent to… even if they look real it’s probably a scam, and if they all start with the same letter of the alphabet you know it’s definitely a scam.

Newsletters you can unsubscribe from but never subscribed to

You will have probably received a few of these… you suddenly get newsletters (with lovely links) from companies you have never subscribed to. Do not click the ‘Unsubscribe’ link… even if it looks legitimate this will alert the scammer to the fact that your email address is a real one, and you’ll end up getting more spam.

Instead of unsubscribing have a look at the newsletter company that is being used. You can just flag the email as spam but, if they persist, mailing companies like Constant Contact and MailChimp have very tough anti-spam rules (believe me, I’ve used both to send out legitimate newsletters in the past). If you keep getting unsolicited mailings contact the providers (again do not click on any of the links in the newsletter) and tell them you are being targeted.

Danger, Help, I’m Stranded, Save the Kittens

If you get an email that pulls at the old heart strings, then it’s also more than likely a scam. The chances are your friend really isn’t stuck on safari without his mobile or wallet, there really will be no danger if you don’t reply to the email about someone in China wanting to register a domain name suspiciously like yours (this is a real scam, it’s amazing what a quick internet search will show up) and no kittens will be hurt if you fail to send them your phone number, account number and shoe size.

Scary stuff

If you get an email that not only pulls at the heart strings but makes you panic… STOP. DON’T PANIC. That is what they are after. If the subject line or the first lines of the email have you panicking it is a scammer. They want to make you panic as that’s when most people leave reason behind and click on the ever so helpful link provided.

If your bank account had really been suspended why didn’t the bank phone? – and if someone from the bank does phone and makes you panic, that may be a scam phone call… tell them you will phone them back, put the phone down and (this is important) do NOT phone from the phone line you have just been using. Use your mobile if you’ve been phoned on your landline, or vice versa, and phone the number you find in the phone book, or on your bank’s legitimate website.

Anyway, I’m getting off the point. No legitimate company would send you an email that makes you panic. Ever. If you get an email that makes you panic, move away from the email and only go back to it when you are calm and can look at it objectively.

question mark

How to deal with a scam email:

First of all NEVER click on any of the links. Just don’t do it. Ever.

 

Find out who really sent the email

Sometimes it’s obvious just by looking at the sender’s address, however if it isn’t that obvious you can usually expand your email settings to ‘Show Details’ (sometimes just ‘Details’ or ‘Expand’). The real sender’s address should show up in the details, or in the ‘Reply to’ area if there is one. Also be suspicious if the sender’s email is left blank. Do not click on the address link.

If the email says it’s from the Bank of England, but comes from Barry485 then you know something fishy is going on.

Check the URLs

Again, do NOT click the links. Hover your cursor over the links and look to see where they go. You will either see this as a pop up over the link, or in the bottom sidebar of your browser window. A scam email will have a link going somewhere totally different to where the link is supposed to go.

If the link you are supposed to click on says ItsReallyAllOk.com but when you hover over it it says WeAreGoingToTakeYour Cash.com you know it’s a scam. But if the ItsReallyAllOk.com link takes you to ItsReallyNotAllOk.com or Barry485.com even if it doesn’t look totally suspicious it’s still a scam as it’s taking you to a destination that is different from the one you are going to click on.

Beware… some of the links may be real, or look real… don’t rely on just one link. If one link looks right hover over more, especially the ones that you are meant to click on. Just don’t click on them.

Report them or bin it

When you are confident that you have identified a scammer you can simply delete the email if you want. Your friend won’t be stranded on safari, you won’t miss out on that multi-million pound Spanish lotto win (that you never entered in the first place) and the kittens will not be killed to death. You can flag it as spam before you delete it, then delete if permanently from you computer and you can sleep well.

However, companies like to know that people are using them to try to scam people. If you can find the company’s contact information on their legitimate website, you will often find instructions for forwarding phishing emails. It may be tricky, but it’s usually there.

Another way to report a phishing email is to forward it to your email provider. As it can be difficult to locate the information quickly I’ve done the legwork for you with the most used providers.

Below you will find details on how to report scam emails as of 17th April 2015

(information found via the company websites)

AOL

Forward the email to aol_phish@abuse.aol.com

If you prefer, you can also provide additional information before sending the email.

The company has put together some examples of common spam emails here:  http://mail.security.aol.com/suspicious-emails#gallery

BT

The help page for BT is here:

http://home.bt.com/tech-gadgets/internet/how-to-deal-with-fraudulent-emails-11363932621450

If you receive a phishing email that seems to be from BT, forward it to abuse@bt.com

Gmail

Google’s support page is here:

https://support.google.com/mail/answer/1366858?hl=en

Report the message as phishing by:

  • In Gmail, open the message you’d like to report.
  • Click the down arrow next to ‘Reply’ at the top-right of the message pane.
  • Select ‘Report Phishing’.

Hotmail, Outlook, msn.com, and live.com

Microsoft’s help page is here:

http://windows.microsoft.com/en-GB/windows/outlook/abuse-phishing-junk-email

In Outlook.com, click the arrow next to Junk and select:

  • Junk (for routine unwanted email).
  • Phishing scam (for email that is trying to trick you into giving out your personal info, for example passwords, bank info, or your Social Security number, or to steal your money).
  • My friend’s been hacked (if you start getting junk email or phishing from a sender you would normally trust).

iCloud

With iCloud addresses you can manually report messages as junk by forwarding a message as an attachment to spam@icloud.com

Their support page for helping manage junk mail is here: https://support.apple.com/en-us/HT203524

Apple also has a nifty way of cutting down on spam spent to your main email address – by using an email alias for online registrations, mailing lists and buying online. It’s different to having lots of separate email addresses, you can find out more on their website. https://support.apple.com/en-us/HT202316

TalkTalk

If your provider is TalkTalk (Tiscali) you can find out how to deal with phishing scams here:  http://help2.talktalk.co.uk/phishing-scams

Or follow the steps below to report phishing emails:

  1. Open the message and either click Action at the top of the screen, followed by View message source, or click Show Header in the blue message details heading.
  2. A new window or drop down section will open to show the full sender information. It’s really important that you send these details to TalkTalk, as it helps them trace the sender.
  3. Right click on the text and click Select All. Then right click again and click copy. Paste this into a new email and send to phishing@talktalkplc.com
  4. You’ll usually get an automatic email to confirm they’ve received your report, and they’ll look into the issue as soon as they can.

Yahoo

Yahoo has a comprehensive page to help you report spam:

https://help.yahoo.com/kb/report-spam-hacked-accounts-phishing-scams-yahoo-sln3402.html?impressions=true

 *************

This list is by no means exhaustive, but I hope it helps you stay one step ahead of the scammers and gives you a little peace of mind.

4 thoughts on “Spot the Scammer

  1. Thank you for this wonderful post. It’s full of great info — including a few tips I’d never heard before. Well done!

    • Glad you found it useful! Remember never, ever click on those links.
      The links to report spam will be different in countries outside the UK, but the information is basically the same, just go to your provider and look for the report spam or phishing page 🙂

  2. Thank you very much for the AOL spam email account. I get lots of those. One that you didn’t list is the email address to forward PayPal spam. I get lots of those, too, and PayPal is very pro-active about hunting down spammers. The address is spoof@paypal.com . If you’re not sure if it’s spam or not and you forward it to them asking, “Is this spam?” they respond promptly and answer you. 🙂

    And yes, I hate those “Oh, didn’t you sign up for a zillion promotional emails about my books? Here they are!” They’re very difficult to get rid of. 😡

    • Thank you Susan! Paypal are indeed good at hunting the spammer down. One problem I have had lately is a coupondealsdaily website sending me hundreds of deals…all from a different email prefix. So far I haven’t figured out how to stop them as each email address seems to be unique. I could go on and “unsubscribe” but I expect that would lead to even more spam. Urgh!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s