How to spot an e-mail hoax or phishing scam

Have I won a prize in a competition I never even entered? Is that e-mail offer really giving away all that cash? Is my friend stranded abroad with no money? Sadly, hoax e-mails are all too common these days. Many of us are not suspicious by nature and are willing to believe in freebies, prizes and distress calls. Being able to spot a hoax e-mail or an online scam has become an important part of our connected lives.

What is phishing?

E-mail hoaxes are often termed ‘phishing’. This term refers to scam e-mails that have been sent out in large quantities. The aim is that at least some of the recipients will be fooled into responding, sending cash or giving away vital personal information. This information could be passwords to accounts, banking information, social security numbers, date of birth etc. Phishing scams are targeted to gather personal information in order to hijack your assets or steal your identity to open accounts in your name. As well as e-mail, other forms of electronic communication such as social media, can also be used for scamming. Social media can be used to present a front that seems genuine, only to disappear once the fraud has been committed.

Malicious e-mails can also be used to do harm to your computer. A recent case that we were alerted to, involved a malicious attachment. When the attachment was clicked, malicious software was installed that rendered the computer unusable. Pop-up windows were displayed informing the recipient that a virus was installed and they would need to download and install a specific anti-virus software to get rid of the infection. Of course this anti-virus software involved a fee and from prior experience, we knew that the download wasn’t designed to cure the problem. Just another scam to extort money from the poor recipient!

Spotting the hoax

You need to develop a set of ‘red flags’ that tell you to be wary. Some basic pointers to trigger your suspicions include;

  • Asking for money is a very obvious ‘red flag’. Always be wary. A relative or friend may be in a foreign country, but a request for large amounts of money to buy a ticket to fly home should still be treated with suspicion. This type of scam is common, using hacked e-mail accounts.
  • Bad spelling or poor grammar in an e-mail claiming to represent a company or a prize agency, for example.
  • Unsolicited, something you haven’t asked for, commercial or personal request e-mail. Have you heard of the company or person? If any name seems unfamiliar, or you don’t recall signing up to a company, competition or offer, be suspicious upon receipt of such an e-mail.
  • The e-mail is promising large cash prizes or other rewards. Again, look for the company/person name, do you know them or did you enter a competition with this company?
  • The e-mail is from another country and you either know nobody from that country, or it’s not from the e-mail address of anybody you do know there.

Check the facts, every time

Remember, a friend, colleague or relative can have their e-mail hacked. You must be wary of e-mails coming from known addresses, if the request is unusual. Contact your friend to ask for confirmation of what they seem to be requesting.

If you receive an e-mail that appears to be from a company or website that you do business with, remember to look for the ‘red flags’ above. This is especially the case if they are asking you for any personal information, such as usernames, passwords or bank account details. Do not respond to these e-mails or click on any links! If you are concerned that there may be an actual problem with your account, navigate to the website yourself as you normally would, and log in. Better still, contact the bank or company directly and ask for confirmation of the request.

Remember, banks do not send e-mails asking for you to input personal information from an e-mail link. If you are suspicious, get in contact with your bank. They are just as keen as you are to hear of and defeat the scammers.

Links or attachments within a suspicious e-mail should always be avoided. Do not click on any web-links or activate any attachments by trying to open them.

When your suspicions are raised, take time away from the e-mail to talk to a trusted person. Check websites for information about scams or even call the police for information.

In short, being aware of such e-mail scams or hoaxes is an important step toward not falling foul of them. It doesn’t take great technical knowledge or IT know-how. Just use your natural suspicions, as you would in everyday life, and look out for those ‘red-flags’!

For more simple, helpful IT news and support, follow us on Twitter @Bimotechltd

Keep it simple