At some point, you’ve likely received an email notifying you that your power will be shut off, asking you to login to your account or telling you that you’ve won some money and need to claim it. And though we’d all love to win some extra cash, there’s a good chance these emails are sent by scammers.
As a company who sends out notifications and e-newsletters via email, we feel it’s our job to help you know when you may have a legitimate email and when you have a scam.
Scam emails (also called phishing emails) are sent by people who are primarily trying to get your money by accessing your accounts, credit card numbers, or personal info.
Unfortunately, scammers have gotten really good at making convincing (but fake) emails. They can even create very real-looking (but fake) webpages that look like they’re from a legitimate company.
Emails may also have real info and images from an existing company, like phone numbers, logos, and other working links to the company’s website.
In phising emails and sites like these, the scammers will prompt you to take action, whether it’s logging in to your account or entering your credit card info. But their login forms won’t be secure, making it easy to take your info and use it later. They may also just want you to open a file with damaging software.
The easiest way to tell if the sender is actually who they say they are is to look at their email address, not just their display name. To save space on your screen, many email providers will only show the sender’s display name, kind of like their nickname. Instead of showing firstname.lastname@example.org, our email may pop up as Creative Graphics.
If you want to see the actual email address, hover over the display name or click a prompt to see additional contact info.
Legitimate brands will have legitimate-looking email addresses. Constant Contact has email@example.com, not firstname.lastname@example.org. Anything that doesn’t have their actual web address in full (constantcontact.com) is likely not from them.
(Occasionally, however, small businesses with small budgets will only have a Gmail or Yahoo! email account.)
You can look at any link address the same way you look at an email address. An email may say, “To avoid paying this fee, click constantcontact.com/account to log in.” But hovering over the link or copying the link into a Word document may show something different.
If it’s a scrambled mess (aadwentz.fortifyeeks.business.oi) instead of a clean, readable link with the company’s core web address in full, (constantcontact.com/preferences), it may be fake.
A lot of scam emails come from countries where English is a second language. These senders will often include spelling, grammar and punctuation errors throughout their email.
But hey, we all make the occasional spelling misstake. If you spot one misplaced comma, don’t send it to the trash just yet. Use these other tips to check authenticity first:
There are a few questions you should ask yourself should you find a fishy email in your inbox:
Should they be asking this?
Companies will never ask for your password via email, and companies will never ask for credit card or bank info via email.
Would the company handle a situation like this?
Some scam emails may say, “Your request to shut down your bank account has been approved.” Any legitimate company that handles important assets like money, utilities and important info will do more than send you a simple email if you want to take drastic actions.
Does this seem entirely bonkers?
If a Nigerian Prince is asking you for money advice, it’s a scam. If a company you never heard of said you won a house, it’s a scam. If some old lady wants to suddenly give you her life’s fortune, it’s a scam.
1. Google the actual company and call their phone number (from their website, not the email). Simply ask them if it’s normal for you to receive an email like that. Most of the time, this isn’t the first scam they’ve seen and they’ll be able to help.
2. Report the email. Most email providers have a way to report a fishy-looking email. If nothing else, send the email provider a quick message to the support team to let them know.
3. Don’t bother contacting the scammer. You won’t stop them, and they won’t care if you start yelling.
4. If you don’t want to delete the scam emails, put them in a folder so you can remember what to look for later on.