Every day our inboxes fill with emails covering a wide range of subjects and purposes ranging from promotional messages sent by our favorite retailers, to personal messages from friends and family and business communications related to our jobs. While every email may not excite us in the same way that a brightly colored birthday card sent via "snail mail" does, there is one kind of email that we all work hard to avoid receiving: spam! No, not the canned precooked meat product first distributed in the 1930’s that is somehow still on the shelves of supermarkets today. Spam emails are a form of email fraud. These scams consist of unsolicited emails that falsely claim a bargain, ask for business or invite victims to a website with a detailed pitch.
Email scams can cause significant damage to you financially and while we know they are out there, they can be hard to spot. Scammers have a way of playing to our emotions, such as fear, sadness and greed, and capitalizing on them. To help protect yourself and understand just how low email scammers will go, here are 3 of the worst spam email scams of all time.
1.) Funeral notification scam
Email scammers have no heart and will use a worst case scenario to gain access to your personal information. In this funeral notification scam, recipients were sent an email like the one pictured above announcing the death of a friend and offering more information about the services with a "click here" hyperlink. However, rather than linking to a page with information regarding the funeral arrangements, scammers pointed the link to a foreign domain with malware, which is a term used for intrusive software like computer viruses or other malicious programs. The malware then downloaded to the recipient's machine and allowed scammers access to all of the information on the machine.
2.) Court appearance notice scam
Scammers will hide behind names and organizations that they think the recipients will recognize and identify as being reputable. In the scam above, the email notifies the recipient of an upcoming court hearing and directs them to click on the attachment for more information. In this scam, both the notification for court appearance and the additional information are false. Rather than containing further information and details about the alleged court hearing, the attachment contains a Trojan horse or virus that infects the computer of the receiver. Scams of this nature and subject matter have become widespread and institutions, such as the New York State United Court System, have posted notices about the scams that appear to be from their websites.
3.) Ebola virus scam
Newsworthy and major events like natural disasters or outbreaks are another disguise that cyber criminals will use to launch an attack. In the wake of the news surrounding the spread of the Ebola virus, people were on high alert. The heightened paranoia and precaution served as yet another channel for scammers to take advantage by sending "official" looking emails infected with malware. Specifically, this scam sent a virus that allowed attackers to steal passwords and gain control of a computer's webcam and microphone remotely. What was even more frightening is that this particular virus had the ability to run even if the computer had antivirus software.
How to avoid falling victim to an email scam
The first step in avoiding traps is being aware of what kind of disguises that email scammers use to enter your inbox. Here are some tips you should follow to lower the risk:
Knowledge is power. Understanding what you are up against is your greatest weapon in defending against email scams. In the majority of cases, you will be able to leverage common sense to discern if an email is suspect or trustworthy. For other situations, follow the steps above if you are unsure to help solve the mystery and avoid falling victim.
In addition, it is also important to keep your organization up to standards and ensure your messages don't appear spammy. If your organization obtains email addresses, it is important to take the time to validate those addresses on a regular basis. If not, you're putting your organization at risk of ending up in the spam folder and damaging your sender reputation – so keep your guard up!
What to learn more about you're protecting your organization? Check out our white paper, Data quality and your digital reputation.