Disclaimer: This post is sponsored by PSECU, a Pennsylvania-based credit union.
So, you’ve received an email from a member of the Nigerian royal family. They need your help recovering a large sum of money, but first, you’ll need to share some bank information. Sound fishy? You’ve probably heard of this common email scam.
Unlike in the movies, real-world cybercrime is conducted using mostly simple tools. The most popular tool at a hacker’s disposal is human error. Convincing you to thwart your own security measures is much simpler than doing the work to bypass them by force. That’s where scam emails come in. Here are some common ones to look out for.
1] Fake PayPal Account Email
This scam starts with an email that suggests there’s been an issue with your PayPal account. Failure to act could result in it being deleted. In some cases, you might be told that there’s been a security breach and the information requested is necessary for you to begin creating a new password so that you can stay secure.
Check the sender address and look to see what URL the links contained in the email go back to by right-clicking them and copying the link address or hovering your mouse over the link and watching the bottom of your browser window. Rather than a PayPal-associated account, they’ll point back to a third-party entity.
2] Bank or IRS Information Request
Your bank probably has a policy statement somewhere on their website explaining that they will never contact you by email to request your login information. You can probably imagine how this scam goes – an email is sent explaining that there’s been an error in your bank’s database, and it says they need you to restore your information. Please send your login credentials.
Sometimes this scam shows up in the form of a fake IRS email requesting similar information in relation to your taxes. Don’t fall for it. Submitting the details can grant criminals access to your bank account and potentially lead to identity theft.
3] Amazon Has Cancelled Your Account
Life without Amazon, what could be worse! Scammers know how many people rely on the online retailer’s services, so they’ve recreated what looks like an Amazon email in an attempt to fool you. The email will detail an order that allegedly came from your account being canceled.
Again, check the sending address and the URLs in the email body. There will likely be a request for you to share credentials for Amazon or even your payment information – do not.
If you need further confirmation that you didn’t order whatever item is the topic of the email, remember that you can view your full order history at any time on your Amazon account page.
4] Craigslist Money Order Scam
If you don’t know enough to be leery of Craigslist buyers by now, be leery of Craigslist buyers. This scam doesn’t rely on fancy formatting to look like Amazon or Wells Fargo. Instead, this one plays out when someone spots an item of yours up for sale and offers you more than what you’ve listed it for.
The extra money is to cover shipping fees overseas or address some other transactional issue, but could you please send the item right away?
Once you agree to the deal, the buyer sends you a fake money order. Your item ships out, the money order doesn’t go through, and you’re left empty-handed. If a deal sounds too good to be true, don’t take it. And if you’re doing business on Craigslist, always get your money up front.
5] Mystery Shopper
Would you like to make some money just by shopping online from home? If you receive an email out of the blue asking you to shop online and review retailers or something of the sort, it’s liable to be this scam. You’ll be asked to pay for your training supplies and sometimes even mailed a fraudulent check.
If you cash the check, you’ll be out some serious coin paying the amount it’s made out for, as well as overdraft fees for the defrauded account. Better to stick to jobs you’ve applied for.
6] Foreign Lottery Scam
This is a very common scheme in which you receive an email that says you’ve won money in a foreign lottery. Usually, the sender needs your information to send you your winnings.
A quick search to see if the lottery exists is a good way to rule this one out. Another telltale is if the sender is a person and not a business. Also, did you enter the lottery? If the answer is no, it’s not very reasonable to think you won.
7] Payment Dispute Scam
Payment services like Stripe and Venmo make our lives easier. Unfortunately, they can also be attack vectors. This scam email arrives proclaiming that you’ve been cited in a dispute of payment.
The email will ask you to enter your credentials to the payment service so that you can log in and correct the dispute. As always, look for misspellings, shady sending addresses and URLs that don’t link back to legitimate domains.
Always Practice Safe Email Habits
Your information is available to hundreds of thousands of companies if you do even a little business online, so it’s important to exercise caution when you receive an email you don’t recognize.
Remember that spelling errors and other production value issues are red flags, and never trust something that doesn’t feel right.
If you need to follow up on something with a company, give them a call or use some alternative method, and consider notifying them that someone might be trying to take advantage of their customer base.
PSECU, a credit union from Pennsylvania, created this useful infographic detailing some other common financial scams – check it out!
