Scam emails are used by criminals to fool you into providing money or sensitive information, such as account numbers and login details. Some are sophisticated, some are a bit shabby, but they all present a real risk. Learn to spot the warning signs – so you don’t get caught out.
- An unfamiliar sender.
- Requests for account numbers or login details.
- Requests for financial assistance.
- Offers to claim money or prizes.
- Colloquial subject line and message body.
- Link to an unfamiliar website.
- No obvious reason why you’d be sent it.
Questions to ask
- Is the wording, timing or content out of character?
- Is the spelling and grammar as good as it normally would be?
- Does the request require an urgent action to transfer money or provide sensitive information?
- Have you discussed the matter before with the supposed sender?
Tips for staying safe in your email
- Never give out any usernames, passwords or account numbers via email.
No one legitimate will ask for these via email. Your bank definitely knows not to. If you think it might be a legitimate request from someone you trust, give them a call using a number you know will definitely reach them (not just one you’ve seen in the email signature).
- Be wary about giving out any other information.
You’re probably already pretty good at not giving out the top secret stuff. But scammers might email you looking for something more benign. Names of staff, details of what software you use, and information about clients – all this could help them carry out a scam.
- Be cautious about opening attachments.
Unless you’re expecting them or know what they contain, you’re probably best to leave them. But as with the last couple of steps, if you’re unsure, call or talk to the sender directly.
- Be careful clicking on links.
Same story again: extra caution if the email is from someone you don’t know. If you think it’s from someone you know, still be careful. And think twice before entering any information in websites to which they lead you.
- Never follow a link in an email that claims to be from your bank.
It might be legitimate, but it’s easy to be safe and just enter your bank website’s address into your browser.
- If you think it’s a scam, don’t feel tempted to respond.
It could be tempting to say “I don’t think so, buddy!”, but don’t risk giving them anything – even confirmation that there’s someone on the end of your email address.
- Keep an eye on your account statements.
There’s a bunch of good reasons for doing this, but monitoring for unauthorised transactions is certainly a wise one.
- Keep your security up-to-date
Anti-virus software, firewalls, software patches: none of them are replacements for keeping your wits about you, but all are really important for keeping you safe.
Train your staff to spot scam emails with our Email Phishing Awareness Test
All this theory is useful, but it’s not as effective as a practical lesson. Because once you’ve been fooled by a scam email, you’re less likely to make the same mistake again.
Problem is, that kind of wisdom can come at a high cost.
Our Phishing Awareness Test delivers a phishing lesson without the sting.
We send your staff a series of emails designed to look like phishing emails. Only difference is, these emails are completely benign: fake phishing emails which don’t follow through on a scam.
They give your staff the practice and experience they need to deal with real phishing emails – the ones that could actually cost you.
- Your staff have a better idea of what to do.
- You know how prepared your organisation is.
- You lower your risk of financial loss.