To say our lives have been digitized would be an understatement. Between online shopping, account credentials, and more, our personal data has become increasingly valuable. Consider the Twitter breach in July 2022 that allowed personal data of 5.4 million users to be stolen, or the September 2022 Uber hack by an activist that gave him access to customer payment information and locations. It should come as no surprise that fraud prevention is a perpetually hot topic.
But it isn’t always a hacker that gets access to our data. Sometimes it’s an Average Joe that takes advantage of the uninformed by using a tactic called phishing. Phishing scams come in the form of emails and telephone calls in which an individual pretends to be from a certain company to coerce someone into providing sensitive information, such as a social security number or credit card number.
It’s important to learn how to identify phishing scams (before you make a huge mistake). Here’s an example of a phishing scam that my dad received by email:
From: John Maryline [mailto:[email protected]]
Sent: Friday, February 16, 2022 1:21 PM
Subject: Your ATM Cards Released.
Attention: This is to inform you that we have agreed to release your fund valued at USD $5.8 Million which will come to you via ATM Cards. Please do re-confirm your information as below to avoid wrong delivery. Forward your information to the delivery office here: [email protected] and instruct them to send the card to you immediately.
Full Name (Receiver):_____,
Country of Resident: ______,
Office/Home Street Address: _____,
Nearest Airport: _____,
Mobile Phone Number: _____,
Identification papers (Passport copy or ID card) which you will present it before delivery is made: _____
Thank you for understanding and may God bless you.
Yours faithfully,
Mr. Mark James
Email: [email protected]
My dad sent Mr. Mark James / Mr. Maryline (did you notice that the top of the email identifies the sender as one and the signature line is that of the other?) the requested information and then forwarded the email to his entire company telling them that he quit.
No, my dad is not really an idiot.
My dad did send the email to his company, but everyone knew he was kidding. And no, he didn’t really reply to the email he received from Mr. Mark James / Mr. Maryline.
There’s a sucker born every minute, as the saying goes, but good, smart people are fooled every day. Want to know how to identify a scam email? You should definitely learn. Why? Because in 2021, phishing accounts for 90% of all data breaches, and phishing attempts grew 61% since 2021.
Instances of fraud among the elderly are especially rampant, and the last thing you should do if your elderly loved one falls for a scam is to blame or shame them. Instead, take a more proactive approach in their education about fraud prevention.
Sid Kirchheimer, writing for AARP, interviewed Anthony Pratkanis, a social psychologist at the University of California, Santa Cruz. Pratkanis noted, “When protectors take over finances or lecture parents about their mistake, it plays right into the scammers’ hands by threatening the target’s independence.” In other words, as Pratkanis said, “[F]or scam victims to admit they were wrong means they’re stupid and unable to take care of themselves.”
Some scams are harder to detect than others, and some perpetrators are experts at what they do. Don’t blame the victim.
There are things you can do to protect you and your loved one’s personal data ahead of time from fraudulent scams. For example, as Kirchheimer counsels in his article:
Some scams are harder to detect than others, and some perpetrators are experts at what they do. However, there are some pretty obvious red flags that make a scam more identifiable.
Computer help desks do not have to ask you to read information from your computer screen if they are already monitoring your computer and calling you to tell you that something is wrong.
Banks, credit card companies, and other financial institutions do not email you asking you to sign into your account using a link contained in the email. An “important update on your account” will never require you to update your personal information through a link. In these cases, it is probably best to pick up the phone and call your bank to verify the email and update the information by phone.
If you ever get an email like the one here, for example, you can be sure it is not really from Bank of America.
Fraudulent emails that purport to be from a company, by the way, rarely use email addresses that end with the company name. The one above, for example, was sent by someone using a “comcast.net” email address. Learning how to identify phishing examples takes practice, but some are easier to spot than others. For example, Bank of America can afford a custom email domain and will not send emails from domains such as Gmail, Hotmail, Yahoo, or AOL.
Use a site like domaintools.com to find out who owns which domain name. Companies with domains ending in “.edu” or “.gov” are usually much more reliable than those ending in “.com,” “.org,” and “.net.”
Emails written with typos or bad grammar are most likely fraud. And if you’re buying products online, check the grammar on the seller’s product listings. Grammatical errors on product listings are a good sign that English isn’t the seller’s first language. While not all international sellers are scammers, be cautious and do a background check on the seller to confirm that they’re not selling you any counterfeit goods. If you want to know how to identify a scam email, start with a quick grammar check.
If a company emails you promising “big winnings,” like a free trip to Fiji or a free iPad, or if they ask you to “enter your email and password so we can send you further information on how to collect your prize,” it is a scam.
The Secret Service offers these tips for determining telemarketing fraud:
First impressions are everything. If an email starts with “Hi,” “Hello,” or doesn’t refer to you by name, you should be cautious. If you are a Bank of America customer, for example, then it’s likely that Bank of America will greet you by name.
If an email signature doesn’t have proper contact details, then it may be a scammer. Reputable companies will leave their contact information, such as an office telephone number and extension. If the email just has a person’s name and a potentially fake title, you should probably reconsider.
You may have seen the Youtube videos of scammers that call random numbers pretending to be from the IRS or a sheriff’s department. They claim that the person is in trouble and must provide their bank account information to avoid arrest. Urgent and sometimes threatening messages or phone calls can be a major sign of a scam.
In addition, if an email has attached photocopies of account “evidence” or government documents, it’s important to know that photocopies are not legitimate forms of verification.
If you receive a phone call or email that you think is a scam, and if you have a few extra minutes, you may want to check out one or more of these resources:
In the end, if don’t know how to identify a scam email, or if you fall for a scam, don’t beat yourself up. Seek help immediately.
Always think twice before sharing your personal information with anyone or clicking on any attachment to any email you may receive.
The best fraud protection is common sense. Consider freezing your credit and using credit monitoring and identity protection services; use very strong, long (and different) passwords on each of your financial accounts; and, when it comes to inbound calls or emails, follow that old rule: don’t talk to strangers.
Did you enjoy the article? We have several related webinars that can help you learn more about how to better protect yourself and your company online:
For more information about our on-demand webinar series, click here.
This is an updated version of an article originally published on September 5, 2019. ©2023. DailyDACTM, LLC d/b/a/ Financial PoiseTM. This article is subject to the disclaimers found here.
A passionate environmentalist and animal rights’ advocate, Sophie Friedland is dedicated to the idea that furthering these imperatives and being financially successful are not mutually exclusive. A college Freshman at the time of her first submission to Financial Poise, Sophie is Financial Poise’s youngest-ever contributor.
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.