How to Figure Out if an Email is a Scam

Even the most experienced Internet users may get scammed given the right conditions. So, it is always good to remember the characteristics of a scam email in order to protect yourself from getting scammed.

- Have you ever been scammed?
- Has anyone ever attempted to scam you?
- Did you receive a suspicious email that you think might be a scam?

If your answer is "Yes" to any of the above questions, then you should read this post carefully as it will provide detailed analysis of the signs of scam emails and tips to protect yourself and the people you know from falling victim to an online email scam.

Getting scammed online is an unfortunate but a frequent and usually easy thing. If you are not paying much attention to what links you are clicking on a website or software, if you are not paying much attention to what personal or financial information you are providing on a website, know that you are the #1 potential target of scammers.

Use of Email in Online Scams

When it comes to online scams, email is one of the most powerful tools that scammers use. The ability to freely send an email to any email address that you want on the planet without leaving a trail also introduces privacy and security risks spammers and scammers pose. By the way, let me briefly make the distinction of spam vs. scam so that you can better understand the concept of scam and raise your guard against it when necessary.

Spam, in short, is unsolicited email. For example, a company sent you a commercial email to promote their products without asking your permission first, that's a spam email. Spam emails are very annoying and they should be prevented and reported where possible, there is no doubt to that, but unless they are a scam too, they usually don't pose any privacy or security risks. They just annoy you by advertising products or services without your consent.

Scam, on the other hand, is an act of presenting something in a way that it is not and gaining something out of it without the true consent of the person. For example, you got an email which looks like it came from your favorite social network. The email claims that your account was breached and your action is required, and provides a fake link to a page where your login details will be stolen if you visit that page and enter your login info. This is a scam. Another example, some unknown company sends you an email with a bunch of product purchase links. It looks nice and legit, but in reality neither that products exist nor they will be delivered when you make a purchase. This is a scam too.

Now that we have clarified what is spam and what is scam, let's see what the common signs of email scams are.

9 Signs of Scam Emails: How to Figure Out if an Email is a Scam

(Image by Gerd Altman)

Common Signs of Email Scams

The more signs, or characteristics in other words, you know about online email scams, the higher chance you will have avoiding them with no negative effects or loses. A scam email usually...

Comes from a weird/fake email address.

Although it is possible to get scammed by people you already know or by people you are actively engaged in an email communication with, most of the scam emails come from strange, fake email addresses. Since the scammers usually do not use a real domain name in the from section of the email header, they put a fake email address like, which do not exist.

The first thing to do when you receive an email from an unknown source, even before opening the email, is to check from which email address it was sent. If the email address is familiar to you or if it has a legit domain name that leads to an active website when you check in your browser, the email can be considered to be relatively safe and you can open it. Otherwise, my suggestion would be not to open it.

Web browsers and email account providers make it close to impossible for malicious scripts or files to affect you just by opening an email, but still taking extra precaution would never hurt especially since the scammer will most probably know that you opened the email (with the help of email tracking systems), and tag yours as an active email address, which will lead to even more spam and scam to come your way.

Looks like it came from a website where you have an account.

One of the most frequent techniques scammers use is to randomly send bulk emails to a large group of email addresses they scraped from the Internet, where they fake the sender and title information to make the recipient believe that the email was sent from a website that they have an account with and they use frequently. Some common scam emails of this kind that I have seen were focusing on highly popular websites such as financial websites (banks, PayPal, Skrill, etc.), social networks (Facebook, YouTube, Twitter, Instagram, etc.), games (World of Warcraft, League of Legends, etc.) and the like.

Basically, the scammer crafts the email title and email sender info in such a way that it either looks exactly like it was sent from the platform you have an active account on (email services got better at filtering such emails), or very close to it, by changing one or two characters (e.g., Website -> Wébsite) to pass the spam filters. Whenever you receive an email from a website that you are using actively, double check if it came from the legit email address of that website. If you are sure it did not, simply delete the email. If you can't decide whether the email really came from that website or not, contact their support and ask if they sent you such an email, just to be sure you do not miss an important notification.

Claims that your account was breached and you need to take action.

Continuing with the sign #2, when you get a scam email that looks like it came from a website that you are using actively, it usually claims that "your account was breached" or "there have been suspicious activity on your account", firstly to create a panic and secondly to forcing the "what if?" question to your mind, expecting you to follow the fake link they provided and land on the page they designed as an imitation of the legit website just so they can grab your login details (username and password).

You can read a lot of stories of people who lost their accounts, and even their money or important data on various websites by falling victim to this type of scam. When you get such an email that claims a problem with your account, no matter which website it seems to be coming from, take a deep breath, make sure the email is sent by the real email address of that website. If not, simply ignore the email. If yes, then follow the instructions in the email, that is if you are 100% sure it is a legit email.

Asks for your password.

No reputable website, even much smaller ones than the top popular sites, would ask for your password via email, or at all. Most websites use a secure user registration system that store the passwords by encoding them and the only way for resetting a password is via your own action. When you start the password recovery process on a website, you may receive an email to reset your password, but at no occasion would a website ask your password.

If you received an email that is asking your password which looks very similar (in terms of style and text) to the legit emails that you receive from that website, it is 99.99% a scam. At the rare occasion where a website really asks your password, you should run away from them because no website or web service should ask the password of their users, for it introduces security risks (someone else may access that email and grab your password).

Asks for your personal contact details or financial information.

Another highly common scam technique is to present the email as if it was coming from a legit institution or from an authority entity and to ask your personal contact details including but not limited to your full name, phone number, address, occupation etc. In some cases, they even ask financial details about you, such as your income, your bank accounts and so on.

Why most people fall for this type of scam is because the email creates the impression that it is legit and if the recipient does not provide the information that is requested, they may get into trouble.

What the scammer does with your information is up to them. They can use your contact details to further scam you or sell them to third parties who pay big prices for such information in order to market their products/services. Asking for financial information is less common, but it is still something you should keep an eye for and be on the guard.

There has been one case where I almost fell for this type of scam. Thanks to seeing almost all types of scams online, I was able to avoid it. Still, it proves the expertise (?) of the scammers in crafting a convincing email. I wish they used that expertise in better ways.

Claims that you have just inherited a huge sum.

I don't think there is anyone who hadn't imagined to have inherited a nice amount of money at one point of their lives. That's not a problem, the problem is that the scammers use this "dream" and exploit it to make people believe that some millionaire uncle or aunt of them that they have never heard of, in another country at a weird location, just passed away and left a huge sum of money to them. Obvious from basic human psychology, we all want free money, hence a lot of people fall for this scam.

This type of inheritance emails often contain legal terminology and signature as if they were written by a real lawyer, which increases their credibility. Though, there are also some funny samples with lots of grammar mistakes. Simply ignore such emails and continue with your life just like before you learned about your non-existing rich relative.

Claims that you have won the lottery.

Let me ask you this: Have you ever won the lottery? The lottery that you never even participated? Well, according to these smart (?) scammers, you have. This lottery email scam uses the same psychological trigger as the one in #6, hence it preys on those who are seeking a shortcut to riches in unrealistic ways.

Don't want to be scammed? Do not play the lottery, which is the biggest scam of all times, and do not pay attention to the emails that claim you have won the lottery.

Claims that you can make money online without doing anything.

If that was possible, believe me I would be among the richest men in the world today because I spent years and years on countless number of methods to make money online and you know what? All the ones that I made money with required hard work. "Hard work" as in really hard work.

It surely is possible to make money online in very different ways like selling photos, design work, offering services, ecommerce, affiliate marketing and advertisements but in no way can you make money without doing any work. Those who make it sound so simple do that for one simple reason: To lure you to buy their offer. That's it.

The next time you receive an email claiming that you can make a lot of money with no work, do yourself a favor and delete it, after reporting it as spam of course.

Requests money from you for a lucrative business opportunity.

This scam method has been around for a long time and you may still be targeted by it. The scammer basically makes you an offer that sounds too good to be true, or close to "too good to be true" just to reduce your concerns, by providing details about a business opportunity, a partnership or a new project. It sounds great at first, if only you did not have to "invest" a considerable amount of money to participate in this "business opportunity" that in reality does not even exist.

As soon as the scammer gets your funds, and that usually happens via a non-refundable mechanism, you will never hear from them again.

You may ask who would fall for such an obvious scam. Well, if noone had fallen for it, would they continue to use the same scam over and over again?

Human mind has no limits in creativity as you can also see from the above points. These are the most common signs of scam emails and from now on whenever you receive an email that shows one or more of these signs, remember this post and you will be safe.

In addition to avoiding scams, you can also check my other post if you ever need to figure out who owns an email address.

f t g+ in