Tips for avoiding email scams
Tips for avoiding email scams
What's coming up?
In this activity, you will learn how to avoid the kind of email scams described in the How common email scams work activity.
Start activityAny email can potentially be a scam
Because it costs scammers nothing to send an email, they can try lots of different ways to disguise scam emails as real. If you keep this in mind, you can stay alert to the possibility of receiving a scam email.
The golden rule of email
The safest way to assess an email is that if you are suspicious of something in the email, or it just feels a bit off or strange, just delete it.
If you are sure the email is a scam, you can use your email service's Report Spam function to classify it as unwanted mail.
eSafety tip
When an email is put in the Spam or Junk Mail folder, all links in the email are automatically blocked and can't be clicked on.
If you delete an email and send it to the Bin, Trash, or Deleted Items folder, the links in that email still work. Be careful not to accidentally click any links in deleted emails if you need to check them for any reason.
What to do about spoofed emails
A spoofed email is one that looks like it has come from somebody you know, but is actually from a different email address altogether.
If you receive an email you suspect is spoofed, don't respond to it. Instead, check with the person whose account seems to have sent the email and ask if they really sent it.
eSafety tip
It's important not to click Reply on an email that you suspect is spoofed. Instead of going back to the person you think, it will go to the scammer. For instance, you might see John Kansas in the From field, but instead of going back to johnkansas08@gmail.com (the real address), scammers have set things up so your response will go to them.
Scam emails from known addresses
Some scams are able to take over a person's email address temporarily and use it to send scam emails. This means the email really has come from someone you know, but without their knowledge.
These sorts of emails are usually easy to spot, as the message won't sound like the person you know or might even just be advertising. You should let that person know their email has been compromised, and you should both change your email address passwords right away.
eSafety tip
It's not really possible to prevent scammers from using your name to send spoofed emails, but the good news is that this doesn't affect the security of your email account. The scammers can't read the mail that you send or receive.
However, if someone lets you know they received a fake email under your name, it's still a good idea to change your email password right away.
Be wary of emails from strangers
Email is best used to communicate with people you already know, or with official organisations and trusted companies such as online stores you use.
Scammers will sometimes send emails trying to make friends with people. If you've only ever known someone via their email address, it's difficult to tell exactly how truthful they are being about themselves. If you receive an email from a stranger asking to be your friend, you should treat it with suspicion as it may be a confidence scam.
eSafety tip
Never accept an invitation from a stranger to start using a messaging app such as Telegram, Discord, WhatsApp, or similar. This person is probably trying to cover their tracks by using an app that doesn't keep a record of conversations. This is a sure sign of a scam.
Change your email password regularly
It can be a good idea to change your email password once or twice a year, just to be safe. Your email service may also inform you of data breaches on other sites where you might have used your email to sign in or purchase something.
You can learn more about passwords in our Managing passwords course.
Data breaches and email passwords
If your email address is exposed in a data breach on another site, don't panic. All this means is that hackers have accessed the list of email addresses known by that site.
However, if you used the same password on that site as you use to sign in to your email, the hacker may get access to this. It's a good idea to change your email password if your service advises there's a chance that it could be compromised.
eSafety tip
You should never use the same password for two different accounts, because if one is compromised, the hacker may be able to sign in to your other account too.
Email services offer security check ups
If you use Gmail, Outlook, or Yahoo Mail, then your email service is also an online account that has many other features. One of these is a security check up, which can tell you:
- how many different passwords are saved in your browser's password manager
- if you've used the same password for two or more accounts
- if any of your passwords have been exposed in a data breach on a site other than your email web service
- tips and help with choosing the strongest possible passwords.
Well done!
This is the end of the Tips for avoiding email scams activity. You've learned some tell-tale signs of common email scams and to avoid responding to suspicious emails. If you want to find out more about spotting scams in general, see our Identifying and avoiding scams course.
If you're a registered user, you can now complete a short quiz to test your learning. If you're not registered, this is now the end of the How to avoid common email scams course.
