45% Of All Users Cannot Tell a Scam Email From a Safe One. Can You?

By | April 30, 2015
Print pagePDF page

About this article…

Again, with permission of our friends at Emsisoft, we’re featuring this article about email safety and how you can tell spam and scams from safe email. Don’t scoff and think you know how to tell – it’s not as easy as it use to be. Scammers and spammers have honed their skills and now nearly half of all computer users (45%) are fooled by spam and scam emails. We  have covered this subject in our newsletters many times, but Emsisoft does an excellent job of covering some of the spam and scams you’re most likely to encounter, and help you tell a good email from a malicious one.

Note: We agree with almost all of this article, we don’t agree with the idea of installing MailWasher. We have found MailWasher too aggressive and too slow; it is just as likely to throw the baby out with the bathwater as it is to protect you from nefarious emails. We don’t recommend or endorse MailWasher.

We do recommend and endorse Emsisoft because we have, by now, seen it in action on hundreds of computers and we know that Emsisoft can help protect you from the threats you’re most likely to encounter every time you’re online. You can learn more about Emsisoft Anti-Malware (and antivirus) here.

How to recognize the difference between a safe email and a scam

From Emsisoft’s Blog

Over one billion consumers send and receive email on a daily basis. Of those, eighty thousand are victimized by scams everyday and a total of four million people fall prey to scams annually. It is essential for everyone to learn to differentiate a safe email from a potential scam because carelessly opening attachments and messages may leave you facing the aftermath of financial loss and identity theft.

45% of users are fooled by email scams and face financial loss or identity theft

According to Scamdex, these are the top five types of email scams that you need to watch out for:

#1) Employment scams – fake job offers (work from home)

These types of scams typically target people looking for or changing jobs. The majority of the employment opportunities on the internet are work from home jobs that promise a large sum of income for a small amount of work. Many employment offers as these are a form of check fraud which means scammers will illegally use a victim’s checks to borrow funds that do not exist within the account. You can often recognize these type of scams by the use of pictures with money or cars, testimonials, payment fees, and loud text.

152204_WorkFromHomeScam

Keep in mind that many work from home job offerings are often too good to be true. Use common sense and be on the lookout for job email scams that promise you a high wage for easy work or little work. Never give out your personal details to crooks sending you unsuspecting work from home career opportunities by email. Do not reply to the message, just discard it before scammers even have a chance to obtain your email address.

#2) Auction scams – fake messages from online shopping sites such as eBay and Amazon

Everyone loves shopping online. Unfortunately, scammers use the opportunity to rip off shoppers that may be unaware they are being scammed. Be weary of products advertised at a low price, poor ratings on an auction, completing a transaction outside of the auction, and a seller insisting on immediate payment.

Scammers pretend to sell a product at a very cheap price in order to steal your credit card and bank account details. Another trick scammers use in online auctions is entering a low bid followed by a very high bid using a different name on a product you are selling. Also beware of “miracle” products for sale online that seemingly provide unbelievable cures and weight loss capabilities.

152204_EbayScam

Always find out exactly who and what you are dealing with in online auctions and ensure payment methods are secure by using an https//: web address.  Also, take a look at the auction privacy policy and refund/returns policy to be sure everything seems fair.

#3) Phishing scams – fake messages from Paypal, social security administration, and banks

Of the 1% of users that lost money through phishing scams, 53%were not compensated by their bank and 11% say they are still waiting for compensation. According to research conducted byGoogle involving phishing attacks:

“Most of us think we’re too smart to fall for phishing, but our research found some fake websites worked a whopping 45% of the time.”

152204_PhishingBankEmail

Phishing email scams often resemble official-looking messages from retailers, Facebook, banks, Paypal, and eBay. The messages often ask you to confirm details that warn you to take immediate action involving your account, such as confirming your bank account details. Most phishing emails contain special links that route you to genuine and spoofed websites. Do not fall for the massive number of  shipping label and package tracking scams that claim you have a package on its way by means of a popular shipping service such as Fedex or UPS.

152204_FakePaypalE-Mail

In order to prevent yourself from being a victim, you should never send money or give personal details to strangers. Keep a periodic check on your credit card and bank statements and shred all important documents containing personal information. Always log in to a website directly and don’t click on suspicious links within an email message.

Google also discovered that users may not have much time to recover or change their login information before hackers access their account.

“Around 20% of hijacked accounts are accessed within 30 minutes of a hacker obtaining the login info.”

#4) Lottery and giveaway scams – the foreign lottery, competitions, and free vacation giveaways

Lottery and competition scams promise a recipient a big prize or something else to win. These types of scams are delivered in a variety of ways including – over the phone, in person, email or by conventional mail. The scammer will present that you have won a substantial amount of money and that all you have to do to claim the prize is to send money to pay fees such as taxes, customs duty, shipping, etc. Typically, users’ requests to take the fees out of the winnings; but, always receive the same response from the criminals: “we cannot do that”.

152204_LotteryEMailScam

Be wary of vacation scams that promise you a free vacation which requires you to pay a supposed service charge or purchase a membership to a travel club. Always seek the advice of a financial or legal expert before sending money.

#5 ) Advanced fee fraud scams – Promises of sending money, products, services, and special deals

Advanced fee fraud is a popular email scam that is also known as upfront fee fraud. It is any scam that charges you a fee and in exchange promises to send you money, products, services, and special deals. In addition to this, you may also be asked to assist in removing funds from a country in turmoil or help law enforcement catch thieves.

The most prevalent type of scam that hit a massive amount of users is referred to as the 419 Nigerian Scam. A scammer typically will contact someone by letter or email and offer a share in a large sum of money which they want to export from their country. The recipient is then asked to pay money or give bank details to help with the money transfer. The victim must pay fees, charges and taxes to help release the money out of the country or bank account. The scammers continue to make up fees that you must pay before you can receive your money.

152204_NigerianScam

Off course you will never be sent the supposed promised funds. According to the Nigerian Fraud Watch website, victims have lost a shocking 12.7 billion dollars due to this scam.

Users perceive emails by what they see with the naked eye

Human Eye (source: Creative Commons)

Four popular universities – University of Buffalo, Brock University, Ball State University, and University of Texas in Arlington – conducted a study and launched a phishing attack against a group of users. The purpose of this was to discover the psychological reason behind why people fall victim to phishing spam emails. They state:

Our results indicate that people process most phishing emails peripherally and make decisions based on simple cues embedded in the email. Interestingly, urgency cues, i.e., threats and warnings, in the email stimulated increased information processing, short-circuiting the resources available for attending to other cues that could potentially help detect the deception.”

The study reached a few conclusions:

  1. Users only process what they see with their eyes and do not perceive the potential scam with their mind.
  2. Users make decisions to open and read an email based on captivating titles, graphics, testimonials, and matters of urgency such as “your bank account will be deactivated if you don’t respond now”. The element of fear also plays a part because a user is often scared by the title or content of an email without asking how this is possible or why is this happening.
  3. Urgency cues in an email stimulate information overload. Too much is often happening within an email and that leads to the brain processing too much at one time leading to an information overload. Use of catchy titles and influential content/graphics cause users to often miss an alert from their security product or a warning message from an email filter that could alert them and potentially flag the scam they are about to fall victim to.

“The findings suggest that habitual patterns of media use combined with high levels of email load have a strong and significant influence on individuals’ likelihood to be phished.”

How to avoid being victimized by email scams

  • Be aware of unsolicited email attachments that use suspicious email addresses. Never click on a seemingly suspicious looking link. Hover over a link with your mouse to reveal the destination address to confirm if its legit.
  • Don’t click on urls in emails that requests login with a password. Instead, visit the website manually, login there and look for the information that was promoted in the email.
  • Don’t fall for the top five email subject bait lines that scammers use: invitation to connect on LinkedIn, Mail delivery failed: returning message to sender, Dear (name) customer, Comunicazione importante, and undelivered mail returned to sender.
  • Use a spam/junk mail filter. Learn how to filter your email messages in order to separate the good from the bad. According to Kaspersky, over 70% of emails are spam related. Another option may be to use a dedicated software to filter and block potentially unsafe messages such asMailWasher.

Recognize Fake E-Mails

  • If an email message is seemingly suspicious, make contact through other means to verify the source and authenticity of the email. If a message is legitimate, finding a contact number to the source should be an easy task.

Have you seen these type of emails scams going around? What other ones are you aware of? Have a great (scam-free) day!

Thanks to Emsisoft for allowing us to republish this excellent article in our newsletter and Web sites.  You can view the original article here.

7 thoughts on “45% Of All Users Cannot Tell a Scam Email From a Safe One. Can You?

  1. Charlyne Craver

    It’s hard to believe that supposedly intelligent, educated users of computers would even think of going to any of the sites portrayed in this article. Goodness, I could understand a grade-schooler maybe thinking it is alright, but an adult? I have been told I missed some good things because I wasn’t sure and wouldn’t look at the site. Know what? I really don’t think I missed that much.
    Thanks for sharing this and for warning us about Mailwasher. For many years you have helped this old lady stay out of trouble.

    Reply
    1. Yvonne

      We have a lot of adults who are not very ‘aware’ of internet dangers. Most of those folks are not ‘computer savey’ nor ‘technically-minded.’ They use computers but are not into protecting their computers on any level. They aren’t even interested. I’m living with one. If anything goes wrong, I’m the one who has to make corrections.

      Reply
  2. Muriel.S

    “45% of users are fooled by email scams and face financial loss or identity theft” Wow, that percentage is truly shocking…..especially after the years and years of warnings. This also adds credence to the lousy job those stupid spam and phisher filters do.. the ones that email providers scare you into using or force upon us. My email provider allows me to set those “censorship” filters to OFF which I did years ago. You wouldn’t believe how much less spam I got after turning them OFF.

    The other thing you have to be careful of is not to trust emails that “appear” to be from somebody you know. Every single one of that type that I’ve received has come from a friend who uses Yahoo email and had their address book hacked. Also, I never use the “preview pane” setting to view my list of emails.

    Reply
  3. Maggie

    Dear TC,
    Was very surprised to see you hammer Mailwasher when you were one of the ones that really sang their praises in the early days. I have been with the above program for many years when you first recommended it and have been very satisfied with it. Emisoft may also be a good program but for those on a limited budget namely Pensioners Mailwasher is a very good standby. In the early days I even spoke with you on the phone for assistance once or twice but that was in the better days before prices sky-rocketed but to do so now all the way from New Zealand, as much as I have been tempted ,
    is a no, no. Be kind and not quite so harsh on programs that you have recommended in the past. I know that it is called good business but so also is loyalty. Also enjoy the first touches of Spring as we are now going into our Winter.

    Reply
    1. TC

      We have not recommended MailWasher in over a decade. We were never ever gung ho on MailWasher, but 10-12 years ago we mentioned it back in the days when we still believed spam filters worked. MailWasher slows down mail programs and has a high false positive rate.

      So we are not sure who it is you think we are, but Cloudeight has not recommended MailWasher in a very long time.

      While were on this topic – we have always been quick to stop recommending products when those products changed (Registry Mechanic) or companies were sold (Reimage). We don’t assume that things never change, everything does.

      We have been accused of flip-flopping more than once. But we’re not going to change who we are. Four years ago we recommend Microsoft Security Essentials when it was ranked in the top 5 antivirus programs. Today it doesn’t even make the top 25, why would we still recommend it?

      Things change. We don’t like MailWasher and we don’t agree with Emsisoft’s recommendation of MailWasher – that does not change our opinion of Emsisoft or their staff. If you think MailWasher is great, then by all means use it – we are not saying it’s malware or a PUP or a Trojan, are we?

      Reply
  4. Jeff

    Quote:
    “We agree with almost all of this article, we don’t agree with the idea of installing MailWasher. We have found MailWasher too aggressive and too slow; it is just as likely to throw the baby out with the bathwater as it is to protect you from nefarious emails. We don’t recommend or endorse MailWasher.”
    I agree with Maggie, about being too harsh. I too use Mailwasher and have done so for years. If one uses Mailwasher or similar program in the right way, that is, to evaluate each email that has been sent to ones mail box and mark as desired (Friend, Good, Spam, or Black listed.) then Mailwasher will recognize future emails from that source as such and automatically check for deletion the ones marked as spam or black listed. The point I’m making is….. that one tells Mailwasher what to do with the various emails and it remembers the same. So, in essence, I use Mailwsher to view all my emails in my mail box (without downloading to my computer) and quite often mark all emails for deletion (By checking one check box) and only ever download the emails I want to keep, so 98% of emails sent to my mail box never get downloaded to my computer, regardless how they are marked. As I get 20 or 30 emails most days, I think it is very convenient to use a program such as Mailwasher! As for using automatic detecting spam filters that throw the baby out with the bath water, I don’t! I make that decision. I figure having a mail washing program saves me a lot of time and from the risk involved in downloading emails one does not want, remembering, one is only viewing the email headers in Mailwasher.
    LOL, Jeff.

    Reply
  5. Doug

    I have seen every one of these scams in my email. Thanks to Cloudeight and Emsisoft I know better.

    Thanks to both of you for helping to keep my browsing safe and the internet a better place!!

    Doug

    Reply

Leave a Reply to Doug Cancel reply

Your email address will not be published. Required fields are marked *