7 Tips for Recognizing Scam Emails Before You Open Them
Any threat that lands in our email inbox is really no threat at all if we can recognize it and delete it before we open it. We could decide to delete everything that comes from an email address we don’t recognize, but for most of us that’s not practical. And when we open a scam email, our exposure to a variety of threats goes up. However, there are several simple things we can do to identify and delete scams and spam more easily before we open them.
1. Sender’s email address or domain (name after the @ symbol) is an odd string of characters
Spammers and scammers often use software to generate thousands of emails at a time. These programs sometimes dump in random strings of characters when they create the fake sender’s address. Check out this string of email addresses that hit an email server in just a few minutes:
Or how about this solicitation about taxes that comes from UrgentTax@tyttacekory.com? The domain “tyttacekory.com” is so odd that it should make anyone suspicious.
2. Sender’s email address has a name before it that doesn’t match the name in the email address
Email programs are often able to send/receive email that displays the owner’s full name in front of the owner’s email address. Here are two legitimate examples:
“Joe Schmo <firstname.lastname@example.org>”
“Jane Smith <email@example.com>”
Spammers/Scammers often mismatch names. We can’t explain why but here are two examples:
Notice that the name in front of the sender’s email address says “PayPal Manager” but the email address that follows doesn’t point back to PayPal.com.
In this second example, the name in front of the email address is a complete mismatch to the actual email name. Most people would never create such a mismatch. Just delete!
3. Sender’s email address contains a 2-letter country code
We have an excellent short video that explains 2-letter country codes in detail and the importance of recognizing them. If you see an email address that ends in a period followed by 2 letters, these 2 letters refer to a country where the email originated. Some are easy to figure out, such as br (Brazil), hu (Hungary) or in (India), while others are not so straightforward: es (Spain = España), de (Germany = Deutschland) or hr (Croatia). For a detailed list of country codes, visit this Wikipedia article.
Our point? If you get an email from a country that you have no connection to, and no interest in being connected to, you can identify it before opening it and make a decision to delete it. Here are three examples. See if you can identify the countries the emails reportedly came from:
ca = Canada
tr = Turkey
it = Italy
4. There is no visible “From” email address
If the sender’s email address is completely missing in the “From” section then it was hidden on purpose. Just delete.
5. The email seems to have been sent from you to you!
This may sound a bit strange at first but it is actually a very common trick. The first social engineering effort spammers and scammers make is to get you to open an email. When an email looks like it came from you to you, most people are curious enough to ask “what is this?” …and they open it. If you know you didn’t send it to yourself, just delete it!
6. Sender’s email address contains a variation of your name
Another common trick used by spammers and scammers is to create a “From” address that actually uses variations of your own name. Again, the idea is to raise your curiosity enough to get you to open the email. Check out these examples of my username…
7. Sender’s email doesn’t match the expected source of the email
The final tip we can offer is actually a little common sense when you think about it. If you receive an email that says it is an invitation to connect via LinkedIn, then it should be from LinkedIn, not PeoriaBank.com.
If you receive an email that says it is an opinion piece from CNN.com then it shouldn’t come from the domain adp.com.
Finally, as long as you don’t click a link or attachment, don’t be afraid to open an email if you feel that you need to. But keep a healthy dose of skepticism as you read the contents!
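Several of the tips above (2, 3, 4, 5, 6 and 7) can be checked mechanically from the raw “From” header, for example in a mail filter. The following is an added example, not code from this article: the function name, the brand-to-domain table, the `home_cctlds` parameter and the sample headers are all assumptions made up for illustration.

```python
from email.utils import parseaddr

# Brand -> sending domain. Constructed for this example; extend for your own senders.
EXPECTED_DOMAINS = {"paypal": "paypal.com", "linkedin": "linkedin.com", "cnn": "cnn.com"}


def triage_from_header(from_header, recipient, home_cctlds=("us",)):
    """Return short labels for the tips that a raw From header trips."""
    display, addr = parseaddr(from_header or "")
    addr, recipient = addr.lower(), recipient.lower()
    if "@" not in addr:
        return ["tip4-no-from-address"]  # nothing else can be checked
    local, domain = addr.rsplit("@", 1)
    flags = []

    # Tips 2 and 7: the display name claims a brand the domain does not belong to.
    for brand, expected in EXPECTED_DOMAINS.items():
        on_brand = domain == expected or domain.endswith("." + expected)
        if brand in display.lower() and not on_brand:
            flags.append("tip2-7-brand-mismatch")
            break

    # Tip 3: two-letter country-code ending outside the countries you deal with.
    tld = domain.rsplit(".", 1)[-1]
    if len(tld) == 2 and tld.isalpha() and tld not in home_cctlds:
        flags.append("tip3-unexpected-cctld")

    # Tip 5: mail that claims to come from your own address.
    rcpt_local = recipient.split("@", 1)[0]
    if addr == recipient:
        flags.append("tip5-self-sent")
    # Tip 6: a different address whose name part embeds your username.
    elif len(rcpt_local) >= 3 and rcpt_local in local:
        flags.append("tip6-name-variation")
    return flags


# Constructed sample headers (not the ones from the article's screenshots).
SAMPLES = [
    "PayPal Manager <billing@secure-pay.example>",
    "PayPal <service@paypal.com>",
    "Dave <dave.4471@prizes-example.tr>",
    "dave@example.com",
    "",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(repr(header), "->", triage_from_header(header, "dave@example.com"))
```

An empty result only means none of these tips fired; the “From” header is chosen by the sender, so it is not proof that the email is legitimate.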