Protect Your Inbox: Identify and Prevent Email Fraud

In fact, an estimated 3.4 billion spam emails are sent every day worldwide. Whether these are emails to your personal account impersonating businesses or your work email requesting sensitive data—email scams are everywhere.

The increase in email fraud, led by software and technology that can send hundreds of emails in seconds, can be costly and dangerous.?

Let’s look at the different types of email fraud, how to identify them, and, most importantly, how to avoid being scammed.?

What to look out for in your inbox

Scroll through your email spam or junk folders, and you will see a plethora of messages that include business imitations, urgent offers, rewards, surveys, notices of payment, or shipping confirmations. These common scams, and others, try to trick readers into giving away personal information or money.

Business accounts also receive fraudulent emails, such as business email compromise (BEC), phony tech support messages, and fake advertisement/directory space. These scams involve attackers impersonating executives, charities, vendors, and support services and requesting the download of malware, a transfer of funds, or the disclosure of sensitive data.?

How to avoid email scams

Knowing how to spot fraudulent emails is essential to avoid becoming a victim of another scam—for both consumers and businesses. Here are some tips to help you prevent email fraud:

1. Check the sender's address

One of the easiest ways to identify fraudulent emails is to check the sender's email address, not just the name in the “from” field. Ensure the email address on the message matches the organization’s domain. For example, an email from Better Business Bureau will always be from our domain @bbb.org, not @bbb.biz or @bbb.com.??

The Better Business Bureau’s research report on small business scams found that 53% of survey respondents said the scammers who attacked them pretended to be someone the business trusted.?

Even if you recognize the sender’s name on a suspicious message, confirm that the email address is consistent with other past messages you’ve received from this person or business. If the addresses don’t match up, or the new message seems suspicious, it's best to delete or report the email immediately.?

2. Consider an email’s contents carefully

Another way to identify fraudulent emails is to look carefully at the email's contents. Fraudulent emails often contain poor grammar and spelling mistakes, odd graphics, unusual formatting, or a sense of urgency. They may also include requests for personal information or money that are out of the ordinary.

Harmful links and attachments to suspicious emails could infect your device with malware that will compromise your computer and network data. Do not download attachments on any email message that seems suspicious.?

Assess any links by hovering over the address to see if it leads to a legitimate or harmful website. If you're not sure, it's best to delete the email. You should disregard the message or contact the sender through another channel to verify the legitimacy of the contents, links, and attachments.

3. Good email security practices

In addition to deleting suspicious messages, you can develop good email security practices to avoid becoming a victim of email fraud.?

Use strong email passwords: Create passwords or passphrases that are unique and hard to guess. Strong passwords use a combination of letters with mixed capitalization, numbers, and symbols. Four-digit dates, names, and keyboard sequences are easy to guess and make it more likely to have your email account hacked and your data stolen or compromised.?

Strong passwords are original passwords. The average person keeps up with over 100 passwords, which can be quite a challenge. Don’t try to shortcut this by reusing one password for multiple accounts. Reused passwords open your accounts and personal information to hackers. Use computer-generated passphrases or store passwords in an encrypted password manager instead.?

Never give personal information via email: Legitimate organizations will never ask you to provide personal information via email. If an email requests your personal information, it's likely a phishing scam. Delete the message immediately.

Forward any fraudulent emails to spam: If you receive an email you suspect to be fraudulent, it's essential to report it. Forward the email to your company’s IT department or your email provider's spam reporting service. Reporting fraudulent emails can help prevent others from falling victim to the same scams.

BBB resources

Better Business Bureau (BBB) offers a variety of resources to help businesses and consumers protect themselves from email fraud. The BBB Business Scam HQ page provides up-to-date information and access to articles, reports, and tools to inform readers about the state of small business scams.?

Our BBB Scam Tracker allows anyone to report and track scams in their area. You can use the tool to file a scam report or search the database to see if a report has been filed about a suspicious email you received.?

Conclusion

Email fraud is a growing problem that can be costly and dangerous. Follow good email security practices, learn how to spot fraudulent emails, and utilize resources (like the BBB Scam Tracker) to protect yourself and your organization.

With a little vigilance and knowledge, you can keep your inbox secure and avoid becoming a victim of email fraud.