9 red flags to help you spot an email scam

/ Security
Last updated on April 15th, 2020

IT security - 9 red flags to help you spot a scam email

Every day hundreds of thousands of scam emails flow into the inboxes of users all across the world. While it’s painfully obvious that some are completely fraudulent, phishing emails – particularly those targeted at businesses – are becoming much more sophisticated, and increasing numbers of users are being tricked into sharing valuable company information.

Unfortunately, there is no one red flag which immediately identifies a scam email, but there are a number of things to watch out for.

How to spot a scam email

1. Don’t trust the displayed name in the email

A name displayed in the “from” box in Outlook is not a guarantee of the sender

2. Look but don’t click

If you hover your mouse over a link (without clicking) you will see the web address that the link points. If it doesn’t directly reflect that of the sender then be cautious. Also be extra vigilant if any email directs you to a website asking for a login, as this is the main way a criminal will steal valid login credentials.

3. Check for spelling or grammar mistakes

If the email doesn’t sound right when reading it then that’s a flag that it’s not legitimate

4. Look at the salutation

If your contact usually addresses you by your first name, but now they’re writing “Valued Customer”, you should look deeper. Again, any suspicion you have is probably being triggered correctly – trust your instincts.

5. Never give sensitive information

If an email is asking for sensitive information over email or a web page that you wouldn’t be comfortable with anyone else seeing then pick up the phone to a known number and validate it.

6. Beware of “urgency”

If an email sounds urgent and startling then do take some time to think, analyse or ask advice. If someone is threatening to stop a service or is making a demand then you should stop, think about it, and talk to your colleagues.

7. The images and layout in an email tell the truth

It’s common for cyber-criminals to not quite get the look of emails right, in terms of images and layout. You alarm bells should ring if the email doesn’t look quite right. If in doubt, pick up the phone.

8. Check the domain

Many spoof emails use a domain that is close to the legitimate domain. For example, someone could use rather than to fool a recipient.

9. Be wary of attachments

Attachments in emails can be dangerous if the file type isn’t a standard application file, such as a .doc (word file), xls. (Excel file) or pdf. (PDF file). Be especially wary if the attachment is one of the following file types – “exe”, “bat”, “com”, “cmd”, “cpl”, “js”, “jse”, “msi”, “msp”, “mst”, “paf”, “wsh”, “wsf”, “vbs”, “vbe”, “psc1”, “scr”, “lnk”. Also be extra careful with zip files as they can often hide dangerous files from inferior email scanners and firewalls.

Example of a scam email

example of a scam email where a hacker pretends to be a member of staff

At the end of the day, if an email doesn’t seem quite right then make sure to qualify with the supposed original sender. If your Finance Director asks you to arrange a bank transfer, confirm the request on the phone or in person. It only takes a few minutes and could prevent you from making a costly mistake.

NEXT>> How to identify 4 common types of scam emails

/ Technical
Windows Virtual Desktop review

Our Client Infrastructure Manager and Azure specialist reviews Microsoft’s Windows Virtual Desktop. Windows Virtual Desktop (WVD) is Microsoft’s newest Platform as a Service offering. It supports multi-session Windows 10 virtual machines and boasts significant improvements to the user experience and capabilities of certain Office 365 apps in a virtual desktop environment. WVD became globally available […]

/ Security
How AI is protecting businesses from cyber-threats

We are currently in the middle of another industrial revolution. This so called Fourth Industrial Revolution (4IR) has the potential for change on a massive scale. The first industrial revolution brought us mechanisation and steam power. The second introduced production lines and electricity. The third added computerisation and robotics. And now the fourth promises interconnected […]

/ Strategy
How to prioritise IT projects in a growing business

In a growing business, it often feels like every IT project is the number one priority, but with limited resources available it’s simply not possible – or practical – to tackle them all at once. But when everyone is clamouring for attention, how do you decide which project comes first? One of the problems many […]