E-mail is a method of communication which is used more than you may think. Some of you will use e-mails occasionally if it’s for personal use, while others might send a lot if they’re using it for business. The fact is e-mail is hugely popular and it is estimated that roughly 217 billion e-mails are sent every day!
Fraud is something which occurs in all walks of life but the threat of e-mail scams is getting worse as time goes on.
The term for most e-mail scams is “phishing” and it’s where people try and get your personal information, bank details or other personal details pretending to be someone else.
As well as getting your personal details or trying to get money from you, phishing scams have evolved to include malicious software which could be used to ‘take over’ your computer – and this threat has been referred to in the news as “ransomware”.
Below I detail the most common e-mail scams to be wary of, based on experiences I have had in business.
Online Banking Scams
Aim: To get your bank account details and then access your bank account.
These fake e-mails will appear to come from reputable banks such as Barclays, NatWest, Lloyds TSB, HSBC, Halifax (in fact it could come from any bank) and basically make out that if you don’t verify your details by clicking on the link then your account will be shut down.
When you click on the link, you will be taken to a fake website which looks like the actual banks website, with an option to put in your personal and bank details. Unfortunately, when you submit this information you have just given all your details to an online scammer, who will use this information to access your bank account and take your money.
This scam works because most people will have a bank account with one of the major banks and believe that this e-mail is actually for them. Unfortunately, this same e-mail would have been sent to thousands of unsuspecting recipients in the hope a few will hand over their bank details.
Facebook / Social Media Scams
Aim: To gain access to your Facebook profile.
A relatively new phishing scam purports to be from Facebook, saying that you have notifications or new friend requests that need your attention. Once you click on the link you are taken to a fake Facebook website which will ask you for your username and password. When you submit these details however they are just sent to a scammer who now can access your personal details and messages held on your Facebook account.
They will do this most likely so they can take your identity and sent messages on your behalf, to try and get money or information from the people on your friends list.
Royal Mail / DHL / Other Delivery Services
Aim: To install malicious software / ransomware on your computer.
Unfortunately a few people I know have been a victim of this scam and it is very damaging to your computer and the data held on it. The e-mail pretending to be from a delivery service (could be Royal Mail, DHL, Yodel, etc.) sends you an e-mail saying that they attempted to deliver a package for you but it could not be delivered (for whatever reason).
To access the details of the undelivered package, you need to click on the attachment on the e-mail which will provide all the information. Most unsuspecting people will click on this link either because they might be expecting a package (and it’s just coincidence that they received this scam e-mail at the same time) or because they are curious. Unfortunately, once this file is clicked a virus is installed on the computer and the ransomware takes hold of the system.
The examples or ransomware I have seen have basically locked down the computer, rendering all files, documents, images, software programs, etc. unusable – and the only way to ‘unlock’ these files so they can be accessed again is to pay the scammer a ransom fee which could range from a few hundred pounds to a few thousand, and usually the ransomware will increase the fee on daily basis, making the victim panic and pay before the price gets too high.
The increased threat of ransomware can be reduced somewhat if you can do regular backups of your important files.
E-mail Mailbox is Full / Needs Upgrading
Aim: To gain access to your e-mails and contacts.
Like the banking scam, this fake e-mail will pretend to come from your e-mail provider and tell you that unless you click on the link and “upgrade” then your e-mails will be shut down. Of course this is not true but if you click on the link the fake website will ask for your e-mail address and password, and when submitted will go to the scammer.
Once they have your e-mail address and password, they can read your e-mails, send e-mail messages pretending to be from you and try and con your contacts or send them viruses such as ransomware.
Your Friend Is Abroad And In Need Of Serious Help
Aim: To extract money from you.
If someone you know has had their e-mail address hijacked (see the scam above) then a common scam these con artists try and pull is this:
Say your friend, we’ll call him James, has had his e-mail address compromised. You will receive an e-mail from “James” (who is really the scammer) telling you that he is abroad and was in a terrible accident, where he lost his wallet and is in desperate need of money to get home, otherwise he is stranded in a foreign country. To make it even easier for you, “James” promises that once he returns he will pay you back in full.
So if you get taken in by this scam you reply that you want to help, and then his response will be to make a bank transfer into his account so he can get out of trouble. Unfortunately, the details aren’t your friend James’ bank account but of a scammer – and once you’ve made that payment there is no way to get your money back!
Nigerian Riches Scam
Aim: To take your money.
This is one of the oldest e-mail scams going and the vast majority of people will have received one of these before and probably had a bit of a chuckle to themselves before deleting it. Unfortunately though, there are still people who are taken in by this scam (usually those who are vulnerable) and its aim is to simply take your money.
You will receive an e-mail from a person purporting to be from a Nigerian King (or some other Nigerian Government official) who is informing you that you are the beneficiary of some vast wealth (somewhere in the region of $100 million USD – yes, I’m not kidding) and the only way to access this is to give them all your personal details and bank account information.
Once you give them this, they will claim that they had some issues sending you the money (there’s a surprise!), so to overcome these problems you will need to make a small transfer (usually a few hundred pounds) to help with the administration error which is holding up the payment to you. They will then make up some other cock-and-bull story up and ask for more money.
People who have been taken in by this scam have usually sent out several payments, usually increasing over time – in a more desperate need to access this vast amount of money. As you may have guessed, these payments are long gone and there’s no way of getting them back.
You’ve Won The Lottery! Or Won A Prize Draw
Aim: To obtain your personal details for identity theft.
This phishing scam is from a “Lottery” company claiming you’ve won a large amount of money, or a business telling you that you’ve won an iPad or some other prize in a prize draw. But obviously you never bought a ticket to this lottery or even entered this prize draw.
To claim your “prize”, you need to click on their website and enter all your personal details (full name, date of birth, telephone number, address, etc.) but all this does is send all this information to a scammer for malicious purposes.
How To Avoid E-mail Scams
Now that you’ve read about some of the most common e-mail scams, you should helpfully be better informed about the different phishing scams that are out there.
Below are a few tips to help you identify whether you’ve received a scam e-mail:
- Check the e-mail address which sent the e-mail. If it has been sent from a free e-mail provider such as @hotmail.co.uk, @outlook.com or @gmail.com, chances are it’s a scam.
- Who is the e-mail addressed to? If it says ‘Dear friend’ or something generic greeting it’s likely to be a scam e-mail sent as part of a mass mailing to thousands of people.
- If there are mistakes in spelling and grammar that is usually a tell tale sign that it is not a legitimate e-mail.
- Scams work on urgency and panic – so if the message in some way tries to scare you then the likelihood is it’s a scam. Scammers prey on those who worry and telling you that you bank account or e-mail address might be shut down is one of the ways they scare you into giving them your personal information.