7 Simple Methods to Proactively Counter Email Scams
Do you know what an email scam actually looks like? By going over the following ‘7 mantras’ meant to be rather easily followed by average users, we can raise external awareness leading to better distinguishing scams.
In today’s modern society, people often use email to communicate, not only everyday matters, but also important or sensitive information. Attackers, meanwhile, using their email scam methods, have been exploiting people’s vulnerabilities to cheat them, by passing off fake contents as genuine. As AI and Cloud technologies are gradually gaining widespread acceptance, coupled with the emergence of other advanced technologies such as 5G, Fintech and new digital identity verification around the world, mass email usage will only continue to rise, most certainly leading to continual increase in email fraud.
Now, the question is: do we know what an email scam actually looks like? Even if not that easy, the fact is that all scams are traceable. Therefore, as a very basic step, we all need to be alert when we see e-mail sources that look unfamiliar. Next, by going over the following ‘7 mantras’ meant to be rather easily followed by average users, we can raise external awareness leading to better distinguishing scams. In addition, by using online tools, we can make use of their built-in technology, in order to more accurately identify fraud and to protect users from falling for scammers’ tempting tricks.
1) Contents including money, account transfers, or transactions
Whenever we receive emails with sensitive contents related to money, or account transfers, among others, it is best to use alternate channels, such as making a phone call to be assured of its source, just in case. This is despite whether the sender appears to be known, or originates from a trusted business unit or not.
2) Email content text showing abnormalities
When we find unusual format or grammar in the subject line or body text, such as use of symbols, garbled letters or strange characters, we should immediately be reminded that this may be a suspicious email. Consequently, it is imperative to refrain from clicking on links and opening attachments within the email. Despite that, the safest method is actually to confirm the sender information and email content with the other party through other communication channels, as well as to report the case to the relevant IT department within our school or place of work.
3) Emails with sensational or suspicious subject lines or attachments
In order to fool users, attackers often take advantage of human weaknesses, using enticing subject lines or contents to generate curiosity. When encountering this, it is best to remain calm and collected, not to open the email attachments indiscriminately or to forward the email. Such email is best to be deleted immediately.
4) Emails concerning topics on current affairs
When receiving emails concerning popular current events and trending information, be alert not to simply open the email or its attachment. Scammers often take advantage of users’ curiosity and prey on them, in cases involving popular daily life topics, such as a list of tips on non-standard food ingredients, ways to reduce supplementary health insurance fees, among other contents of that nature. It is mostly due to mass attention to such hot topics that they are able to entice users to fall victim to their scams.
5) Emails highlighting preferential or promotional news
This includes emails underlying service upgrades, various promotions/give-aways, and preferential/exclusive notices, among others. They often take advantage of common human greed, encouraging users to click on the included links or attachment files. If users do not remain vigilant, they can easily fall victim to those scammers’ traps.
6) Forged system-notification emails (average user is often not able to detect: use of online tools recommended)
It is important not to automatically trust and open emails containing system-notification information. Nowadays, fake emails notifying issues with user accounts or announcing system upgrades have become quite common. In addition, since online groups and platforms have already been widely used, average online user may not fully remember all online services or systems they have already registered with. Therefore, in order to verify emails such as above, some supplementary tools are currently available online assisting users in determining whether those emails are suspicious or not. These tools are further explored in the next section.
7) Seemingly genuine/important fake emails, emails from executive officers, mails between customers and suppliers… (all rather difficult to discern: it is thus recommended to use online tools for assistances)
This type of email is known to be the most successful method in scamming users. Attackers usually use the recipient’s psychology of fear of missing important emails to exploit them. These emails are usually in the form of business notification emails, often with titles containing words like ‘Order’, ‘Invoice’, shipping companies like ‘UPS’/’Fedex’/’Amazon’, or ‘Report’, etc. These kinds of scam emails generally have a high chance of scamming users, by making the users believe they are indeed work communication emails or important/urgent messages requiring immediate attention and consequently distracting users from using caution.
When attempting to open this type of email, it is best to make use of an alternate channel to confirm with the other party prior to opening it. As it is often not easy to directly identify the sender at a glance, however, it is recommended to make use of an online tool, once the email is opened for the first time, in order to make sure if the email is suspicious or not.
The above examples are all common cases of BEC (Business Email Compromise). The losses caused are comparable to the ones by Trojan horse programs and malicious viruses. The only way to counter them is for the recipient to directly identify the source, unless an alternate channel is utilized every time to verify the incoming source.
In identifying email details, online tools can prove invaluable. Currently there is a browser extension (Website: chksender.com) allowing the recipient, upon opening an email, to first verify the sender as well as email domain’s information, applicable to above 7 types of e-mail scam prevention methods. In addition to raising awareness in proactive email identification, the information database can be used to determine whether the sender is suspicious or the mail has been tampered with by someone with bad intentions, benefiting all users at large.
Chrome Web Store Page (accessible on Chrome): https://chksender.pse.is/addon
For more information, follow ChkSender and join Chat group!
We are BlockChain Security. We make digital evidence dependable!
