So I’ve recently written about scam emails and what to watch out for. They just keep rolling in, though, so I figure I might use them to illustrate some of the things scammers do that are easy to spot. And it’s important that you CAN spot them.
The first thing you have to understand is that the people who put these things together are lazy. They do the bare minimum to get these emails out. They only need a handful of people to fall for it, so they don’t put much effort into creating believable, authentic-looking emails. Enough people fall for these that they don’t have to resort to those pesky time-consuming details like formatting and editing.
But they do attempt to mimic real companies that we do business with all the time. So if you receive an email asking you to click a link, and you’re not sure if it’s authentic or not, here are a few things you can look for.
Bad Formatting: Places like Walgreens, Amazon, and well, any other company have designers and editors on their staffs to put together professional communications. In this image, the company name breaks to a second line in the middle of the word, and the copyright notice has foreign characters in it. That alone tells you this probably came from a foreign country with a different characters (like China or Iran).
Bad Grammar: Real companies hire professional editors to make sure their communications look and sound professional. If you notice missing commas, missing words, or poorly constructed sentences, chances are good that the email is fake.
Bad Spelling/Odd Words: In this image, you can see one of the links is for Poto. Of course, that’s supposed to be “Photo.” Most companies use stock HTML in their emails to make sure things like spelling and layout are always consistent and that the links always work. If you see something spelled wrong, especially in their link structure, you can guarantee that it’s a bogus email.
Inconsistent References: In this email, they refer to the reader as “you” and then refer to the reader as “the recipient.” Any editor worth his/her own salt is going to fix that to be consistent. Also, notice there is no salutation in the email. They don’t say, “Hey Ken!” or “Greetings Mr. Crooker.” If a company you do business with is going to send you any sort of targeted email, they’re going to use your name. Especially if they’re filling an order you placed. Scam emails are spammed to thousands of email addresses, so they don’t put names in them because tailoring each one would take too much time.
Odd Statements: Scammers have a tendency to say weird things. Take this email, for example. It reads, “Upon confirmation you may pick it in any nearest store of Walgreens.” There are thousands of Walgreens stores. If I’m putting in an order for something, it’s going to go to a specific store. Not “any nearest” store. That concept makes no sense. When I order prescriptions or photos through Walgreens, the email confirmation lists the store address I’m supposed to go to. Also, if this was a real email, they’d say “in the nearest Walgreens store,” not “store of Walgreens.” If there are weird sentences, strange wording, or directions that seem odd, you’re looking at a scam email.
The Dreaded “Click Here” Directive: Some scam emails include attachments that contain viruses and the email directs you to view the attachment for more information. But the majority of scam emails direct you to click a link for more information (in this example, it’s to see detailed order information. NEVER CLICK THESE LINKS! When you do, one of two things happenings: Either the site puts something bad on your computer, or it’s taking information from your computer.
Now just because you see a spelling error or a missing comma, it doesn’t necessarily mean the email is malicious. But if you see a whole string of warning signs like this, do yourself a favor and just delete it. Don’t open any attachments. Don’t click any links. Just delete it.