Spot Email Scams: Stay Safe Online
- pursuitsint1
- Dec 31, 2023
Email has become an important part of our daily life. While it is incredibly useful for sending and receiving information of all kinds, it has also become one of the most widely used channels for fraud and financial scams.
Social Engineering
Social engineering refers to the techniques used to manipulate people in order to steal their identity or information. It is illegal, and activities such as identity theft and breaking into government facilities are treated as serious crimes.
Social engineering attackers use email as their main medium to fool people.
Attackers use simple tactics such as asking for help and gaining empathy from others. These tactics can be employed through email, phone calls, or even in person. They mainly target older people and teenagers who aren't aware of these scams. Concepts such as whaling, phishing and BEC are all branches of social engineering.
What are the different types of email scams?
1. Phishing:
Phishing is one of the most common forms of email fraud. Scammers send malicious links to individuals and steal personal information or money when a user opens the link.
2. Credential theft:
Credential theft is the stealing of someone's personal information, such as passwords, usernames and financial details, to access an online account or a system.
3. Supply-chain attacks:
Supply-chain attacks target an organization that provides vital services or software within a business network.
4. Business Email Compromise (BEC):
BEC attackers steal the identity of high-level executives of an organization and use this identity to request financial transactions.
5. Whaling:
Whaling is an advanced form of phishing in which attackers send an email that looks like it is from a legitimate source. Whaling attackers may ask the user to click on a link that leads to a malicious website where information can be collected and malware can be downloaded.
Red flags of an email scammer:
• Major grammatical errors in the ad or the text.
• Unfamiliar or suspicious attachments in the email, such as .zip files, which are often associated with malware.
• Requests for personal information and credentials from unknown IDs.
• Pressure to act, either by offering limited-time deals or by threatening to leak personal information.
• Inconsistencies in domain names or email addresses (e.g. misspelled words, extra letters).
• Overly friendly language, possibly sent from an email address similar to a legitimate source but with slight variations.
Some scammers may send messages that sound like they are from a trusted source such as your college or business, or even from a person you know. Attackers research the people they target and learn about their interests to make the message feel more trustworthy.
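The red flags above can be turned into a simple triage check. The following is an added example, not part of the original article: the trusted-domain list, the phrase lists and the sample message are all constructed assumptions.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed values for this example; only ".zip" comes from the article.
TRUSTED_DOMAINS = {"example-college.edu", "examplebank.com"}
RISKY_EXTENSIONS = (".zip",)
URGENCY = ("act now", "limited time", "immediately", "within 24 hours")
CREDENTIAL_ASKS = ("password", "username", "verify your account", "bank details")

def edit_distance(a, b):
    """Levenshtein distance, used to spot misspelled or padded domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def red_flags(raw_message):
    """Return a sorted list of red-flag labels found in one raw email message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    flags = set()
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain not in TRUSTED_DOMAINS and any(edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        flags.add("lookalike-domain")  # close to, but not equal to, a trusted domain
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(RISKY_EXTENSIONS):
            flags.add("risky-attachment")
    body = msg.get_body(preferencelist=("plain",))
    text = (msg.get("Subject", "") + " " + (body.get_content() if body else "")).lower()
    if any(phrase in text for phrase in URGENCY):
        flags.add("urgency")
    if any(phrase in text for phrase in CREDENTIAL_ASKS):
        flags.add("credential-request")
    return sorted(flags)

def build_sample():
    """Constructed scam-like message: lookalike sender, pressure, .zip attachment."""
    m = EmailMessage()
    m["From"] = "IT Support <helpdesk@examp1ebank.com>"
    m["Subject"] = "Act now: verify your account"
    m.set_content("Your mailbox will be closed. Send your password immediately.")
    m.add_attachment(b"PK", maintype="application", subtype="zip", filename="invoice.zip")
    return m.as_string()

if __name__ == "__main__":
    print(red_flags(build_sample()))
```

These are heuristics for sorting mail into "look closer" and "probably fine", not a verdict: a legitimate message can trip a flag, and a well-written scam can trip none.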
419 emails (Nigerian Prince Scam)
The 419 scam, also known as the Nigerian Prince Scam or advance-fee fraud, is mostly associated with Nigeria and nearby regions. Scammers contact people (mostly individuals) and ask them to pay an admin fee to move a large amount of money from one country to another, with the promise that they will receive a commission later on.
They may introduce themselves as military officials, bank officials or business executives to gain people's trust.
These scams can be sent via email, letter, fax, or other methods.
The '419' refers to a section of the Nigerian criminal code.
Protecting yourself from email scams
Avoid responding to any suspicious email and block the user immediately.
Never travel anywhere if offered, even if it isn’t far to go. You won’t get any money and you’re putting yourself in danger.
Install antivirus software and firewalls to avoid installing unwanted and potentially malicious software.
Never share personal details, even with a person you know, without confirming it is really them.
Keep your software updated.
Protect accounts using 2-step verification.
Think twice before clicking on attachments.
Use strong and unique passwords for each account. Using the same password for multiple accounts makes it easy for hackers.
Always educate yourself about trending scams.
While technology offers incredible opportunities, it also presents new avenues for deception. Remember, in this digital era, skepticism is not skepticism, it's self-preservation.