During 2014, I wrote several times about scam emails and that advice still applies today at the start of 2016. Scammers are finding new ways to con you each day but they also keep trying the old ways too as people are still falling for it. In this short article I reiterate that advice in the three main areas of email scams covering attachments, links and cons.
In brief the way you can stay safe from nearly all of scams is to never click on any links and never open any attachments, regardless of how authentic they look.
Email attachments
Do not open any attachments unless you requested them or you can verify their source. Just because a document is a PDF or Zip or Word Document, doesn’t mean that they can’t infect your machine or even all the machines on your whole network (home or work). Right-clicking and selecting print means your computer has to open the attachment in its associated application before it can print so you still get infected.
Online retailers and banks do not send attachments by email, don’t be curious to see what it says, if you are unsure then verify with the sender that it is legitimate. If you want to print an invoice then login to your account using your browser and not a link/document supplied in the email.
Email links
Do not click on any link sent in an email unless you expected to receive that email or it is direct relation to an action that you have instigated online. For example it is OK to click on a link in an email for a password reset, when you have just asked for your password to be reset but not OK to click on one if you have not request it.
Government departments such as the tax office, financial institutions such as banks and now even retailers will never ask you to click a link in an email about your account. They all have a code of conduct or best practice that they follow and if they do ever need to contact you about your account in an email (which is unlikely) they will tell you to log in to their website in your usual way (no link) or to telephone them with the usual number (no telephone number will be shown in the email).
The other type of links either use frightening tactics such as; “your Apple account has been used to purchase a product click the link to view (or open the document)”, or prey on your curiosity such as; “I am Katrina and I’m looking for love – click on the link to view my profile”.
Email scams
The other type of scam is to get you to pay for something you don’t need or to send money to help someone. There is only one piece of advice here; if it looks too good to be true then you can absolutely guarantee that it is a scam. There are no dead millionaires with money tied up in Nigerian bank accounts, there is no need for you to renew a search engine submission service (for those of you that own domain names), or one of the many other variety that prey on peoples greed, curiosity or fear.
So all I can really say about the email scams that don’t have links or attachments is to use common sense. Nobody gives anything away for nothing and sharing your bank details or other personal information can have a devastating effect. You can rely on the old saying that “if it sound too good to be true then it probably is”.
Final words of advice
One last word of warning, just because you receive something many times, doesn’t make it any more authentic. I’ve also known of people actually being worn down by the large volume of scam emails. Something gets the better of them and they know either opening an attachment or clicking a link is probably going to lead to their device getting infected but they still do it (and regret it, of course). They mistakenly believe that their anti-virus (AV) software will block anything dodgy but viruses are mutating all the time and the AV providers can only protect you against viruses they know about or patterns they can recognise (so only old viruses and not new ones). I would absolutely still have AV software installed but remember that you are the only real protection against email scams.
If you do open one or If you are lucky, you realise your mistake straight away and wiping your machine (setting back to factory settings) will remove the infection, although not always. If you are unlucky, you’ll assume that the attachment/link just didn’t work, you’ll carry on as normal and the scammers will gain access to all of your accounts and then corrupt/shut your machine down at some point in the future whilst they take all of your money.
If you want to see some examples of email scams then I had previously collated a few over several months into a “special report on email scams” that you can take a look at.