The reason why is simple.
There are many ways that cybercriminals can gain access to your life. One of the easiest is to convince you to click on an email link or download an attachment. Once you do, those criminals can:
- Trick you into sending money (like with the Nigerian prince scam)
- Install malware on your computer so they can simply take your money or spy on your activity
- Use ransomware to hold your computer and data hostage until you pay (like with the WannaCry attack)
Fortunately, most of us are savvy enough to avoid many of the most obvious scams — from Nigerian royalty to magic pills to gambling sites. Yet, modern thieves are also savvy enough to know this, which is why they continue developing more creative ways to get you to click.
Below are some of the most popular examples of “credible” scam emails.
1. You’ve Just Won!!!
Have you ever been notified of winnings, discounts, or prizes — even for sweepstakes that you never entered?
Clicking to see what you’ve won automatically installs a Trojan horse on your computer, and that’s when the damage starts.
2. Faux Security Alert
Maybe Microsoft notifies you that your software is out of date. Or perhaps it’s your bank alerting you to unauthorized charges.
In most cases, these emails are simply scams.
Sometimes, the goal is to get you to click on a specific link. Of course, doing so installs malware directly on your device. Other times, the goal is to get you to call an official-looking number. You think you’re talking to a bank teller as you supply your Social Security number or verify a recent transaction.
You’re really just talking to a thief.
3. Uncle Sam Is Angry
This one is similar to the above, but instead of your bank contacting you, it’s the federal government. You apparently have an unpaid fine or tax issue that needs your attention ASAP.
Whether you click on the accompanying link or call the “official” number directly, the result is the same. Your personal or financial details are now compromised.
4. The Unsubscribe Option
Do you ever get repeated offers from Netflix, Amazon, or some other company with which you do have a relationship?
Those unsolicited emails are a pain, but most reputable companies include unsubscribe options at the bottom of their marketing messages. Criminals know this, which is why they’ve started hiding their malware behind these “Unsubscribe” links:
- You think you’re opting out of annoying emails
- In reality, you’re opting into a world of pain
The question is, how do you avoid all of these scam emails?
The Best Way to Prevent Scam Emails From Impacting Your Life
In the early days, it was relatively easy to spot suspicious emails — due to:
- Spelling mistakes and poor grammar
- Mismatches between URLs and email addresses
Again — cybercriminals rarely stay in one spot. They constantly refine their formulas to make them better and more believable. For example, it’s now possible to “spoof” email addresses and create grammatically correct messages that pass the spell test.
If you want to protect yourself from scam emails moving forward, follow this three-step formula:
Step 1: Never click on email links. Ever. Even if the email is from a legitimate-looking source, you should open a new browser window and visit that site directly. From there, you can talk with customer support or adjust your email preferences.
Step 2: If you ever determined that an email is fake, you should forward that message to the appropriate party. Most businesses appreciate being alerted to phishing and spoofing emails that bear their name. Many companies even have official channels for reporting such emails — including .
Step 3: Finally, you should mark the message as spam. Doing so enables email providers to add that account, IP address, and message to their growing blacklists. This helps to improve everyone’s spam filters (including yours).
One Final Tip for Preventing Scam Emails
You now know about some of the most popular email scams — and how best to protect yourself. When it comes to your personal inbox, this knowledge is usually sufficient.
Still, it’s not enough if you work in a company setting with networked computers. You might be extremely diligent with the emails you personally receive. However, if one of your colleagues clicks on a suspicious link, then all of your devices are potentially infected with malware.
As part of National Cybersecurity Awareness Month, you should share this article with your team. Employee training is the best line of defense when it comes to scam emails.