How to identify and avoid email scams

People have been lying in order to con each other out of things since we first began to communicate. In days gone by, the con man had one chance to trick their mark and then had to hightail it out of the area to avoid being hunted down by a lynch mob once the nefarious plot was revealed. These days, it’s much easier for these scammers. Most of the world has internet, and therefore email, which serves to provide a never-ending supply of targets that can be safely plucked from thousands of miles away.

Email scammers attempt to get money or personal information from you without giving you anything of value in return. Unfortunately, these scam attempts are common because enough people fall for them to make them profitable for the scammers. The perpetrators face few risks because the scams usually cost nothing to invent and conduct, they take little time, and the chances of getting caught and punished are minimal.

Most scams are easy to avoid, although even the computer-savvy and the highly intelligent can be hoodwinked sometimes. In this article, we’ll describe some of the most common scams, explain how you can spot them, and discuss the steps you can take to avoid getting caught out by scammers. 

How to avoid email scams

Here are some simple steps you can take to reduce the risk of being caught out by an email scam.

  • Be familiar with common scams (we cover them in this article).
  • Use a good antivirus program. 
  • Use a secure email service
  • Avoid clicking links in email messages.
  • Be wary of unsolicited job or interview offers.
  • Ignore email attachments from unknown senders.
  • Use burner email accounts or aliases when you need to register for sites that don’t need to know your main account address.
  • Keep your email address off public websites, such as social media.

Spam filters may help, but the risk of blocking messages that you want or need makes them a poor strategy.

How to identify email scams

Every field in a list of messages and the message itself contain potential clues, so be vigilant when scanning your inbox. 

The To field. If you see multiple recipients in the “to” box, you know that the message is bulk-mailed. This is especially obvious if you see a string of names or email addresses in alphabetical order from the same part of the alphabet (e.g. Bob Zuber, Mary Zuckerberg, José Zuderman). If the message is to your email address instead of your name, the sender may not even have your name. Scammers may CC multiple recipients within the same company to seem more legitimate.

The From field. If the message is from someone you don’t know, an individual with a Chinese name or an Indian name, for example, and you don’t know anyone with a Chinese name or an Indian name, it is probably a scam. 

If an unknown sender is using a Gmail address, especially someone purporting to be a representative of a business, that’s a good clue. Most legitimate businesses use their domain name for their email addresses (e.g.,,, However, some phishing operations buy their own domains, which often look similar enough to legitimate businesses to fool people who aren’t paying close attention. For example, the number one (1), a lowercase L (l), and an uppercase I (I) can look the same. So, the I in may not be an i. An email address extension other than .com, .org, .gov, or .edu (e.g. .biz, .net, .top) is also cause for suspicion, although it may be legitimate.

The Subject field. Common scam subjects are clickbait, for example: “guaranteed loans,” “Vi*gr* – no prescription needed,” “your account has been deactivated,” or “drastically discounted software.” The sender is trying to scare you, entice you, or possibly even confuse you. Remember that you can’t win a lottery you didn’t enter. Others appear to be official correspondence requiring some action on your part, such as “please sign documents,” “survey,” or “work schedule for holidays.”. Scammers may also use “Fwd” or “Re” in the subject line to appear to have a prior relationship with you, similarly, “following up on my last email from last week.” is a common one.

Because distinguishing spam from scams can be challenging, the safest strategy is to ignore and delete messages with subjects containing clickbait words or phrases like “Vuitton”, “Splash Wines”, “Bag Shop”, or “act now!”. If you can’t resist temptation, go to DuckDuckGo and research the sender before opening the message.

The body of the message. If you’ve already opened a suspicious message, the salutation may contain a clue. If they use your email address in place of your name, for example, or “Dear valued customer”. Skilled marketers know how to use Mail merge, which will put your name in the salutation. Also, bulk messages from real businesses are more likely to say something like “Dear valued Walmart customer.”  

If the sender is clearly not a native speaker of your language, that’s a strong indicator of a scam. Misspelled words, typos, and awkward sentences are all clues. 

Online scams almost always try to instill a sense of urgency in victims. Wording that calls for immediate action is a strong clue. By pressuring you to act urgently, the scammer hopes you will panic and do what they want. Scammers may claim that your account has been closed or is about to be closed, or your account will be charged for something if you don’t respond (e.g. an iPhone you didn’t order and don’t want). Some scams claim you have been caught breaking a law and must pay a fine, or the scammer will report you if you don’t pay immediately. 

Asking for confidential information is a big red flag. Email is not secure by default, so a legitimate company will never use email to ask for private information, such as an account number, password, or credit card information.

Attachments. Malware is frequently transmitted through email attachments. An attachment with a .exe file extension is a program executable. If it arrives in an unsolicited message or a message from an unknown sender, do not open it. It is almost certainly malware. An attachment with a .zip or .rar file extension is a compressed archive. If you open it, it could install malware on your computer. Microsoft Word, PowerPoint, and Excel documents can include harmful macros. However, if you are using a modern version of Office (2013 or newer in all cases and 2007 in most cases), Office’s security defaults will alert you before opening those documents.

Scam vs. spam

Spam is unsolicited and unwanted bulk messages. The term was originally coined for email messages but has expanded to include telemarketing calls, texts, and other undesirable digital communications. 

You may think that the amount of spam has abated. That’s because ISPs and other email providers do a good job of filtering and blocking it, so a lot of it never reaches your inbox. However, the Washington Post reports that the number of spam emails sent increased by 30 percent in 2021 compared to the previous year.

Scams could be considered a type of spam, but an important distinction exists: spammers are generally selling something. That may be popular retail products (legitimate or counterfeit), little blue pills, sunglasses, business services, or financial services. Spam is an annoying method of marketing, but many spammers are legitimate sellers of products or services. Sometimes, when you apply for a job with a company or buy a product, you involuntarily get put on an email list and begin receiving marketing emails. 

In contrast, the only intention of scammers is to steal.

Phishing is a specific type of scam. Phishing perpetrators try to trick you into giving them credit card information, passwords, or Social Security numbers. See our comprehensive guide to learn about “common phishing scams and how to recognize and avoid them.”

Hacked email accounts

Hacked email accounts can be very effective Trojan horses. A Trojan horse is something that isn’t what it appears to be and can be used to describe malware attacks and email scams. 

Example: A man received an email message from a good friend who is a software engineer. The subject was “check this out.” The body of the message appeared to be a link. The message was suspicious enough that the man wouldn’t have clicked on the “link” if it didn’t come from a reliable source who was also highly knowledgeable about computer topics. The pseudo-link was actually an installation file for a virus. The man called his friend and confirmed that he had not sent the email and that his email account had been hacked.

In another example, a man received an email message from his cousin. The email displayed unusual behavior, vagueness, and language that did not fit his cousin’s style of speaking or writing. He was certain her email account had been hacked and responded appropriately.

The lesson from these examples is that just because a message appears to come from someone you know, that doesn’t mean it isn’t a scam. If the sender always addresses you a certain way or concludes a certain way, you can use that as pattern recognition to detect something is amiss, and that could be a hacked email account. The best way to protect yourself is to respond to the alleged sender through a different communication tool: call, text, or social media. You may also be helping the hacking victim by letting him or her know that his or her account has been hacked.

If you’re a victim of hacking, check out our article on what to do if your email account has been hacked. The related guide, “Identity theft scams: How to spot and avoid them,” covers phishing attempts, extortion scams, cryptocurrency, and other common scams.

Common email scams

Some of these scams date to the early days of the internet, but you never know which ones might be recycled. Plus, scammers can always create new and improved variants of them. 

Phishing Scams

A scammer tries to dupe you into believing the message is from your bank, a government agency, a charity, or a major corporation. The sender will use an address containing,,, or an equally credible business name. The body of the message will include a logo from that organization. The message is unsolicited and is not a response to any action you took. It may ask you to verify your password, confirm you really intend to purchase a product you didn’t buy, or provide information to secure your account. 

If you have an account with the alleged sender and suspect an email message might be legitimate, do not respond to the message or click on a link in it. Go to your account through your web browser, log in, and look for messages that confirm the email is legitimate.

Advance fee scams

With this scam, you are conned into believing you are entitled to money or a free product. In some cases, the scammer claims you have won this money or product. The only catch is that you have to send money in advance. The money is usually called a shipping fee, processing fee, or legal fee. One version of this scam is claiming you won a lottery.

419 scams/Nigerian check scams

419 scams and Nigerian check scams are perhaps the earliest advance fee scams. These messages actually came from people in Nigeria, but everything else about them is bogus. The sender (often claiming to be a prince) needs your help with something, usually to access money. The sob story sounds like a convoluted movie plot. If you would just advance the sender a small amount of money, you will be handsomely rewarded once he can access his money.

This extortion scam is never-ending. If you pay, the sender will find a reason why you need to send more money.

Never send money to a stranger or an unknown business in response to an email message. Research anyone or any business you think might be legitimate.

Relative in distress scam

The scammer claims your family member, often a grandchild is in trouble and asks for money for bail, legal fees, medical help, or ransom. The message may begin, “Hi grandma…” and the sender may claim to have lost their phone, so this is the only way you can contact them. They will describe an emergency situation that they need you to send money immediately to help them out. 

Knowing that this scam is prevalent is probably all the defense you need to avoid falling for it. if you’re unsure, contact your family member via another method: call, text, or social media.

Heartstring scams

Heartstring scams prey on your compassion. They ask you to send money to help victims. These scams commonly follow natural disasters, mass shootings, or events such as the Russian invasion of Ukraine. They also make appeals for homeless pets, wounded vets, and orphans. The more sophisticated scammers may even create a website for a fictitious nonprofit organization. Some scammers use GoFundMe to raise money for individual families or victims. In each case, the scammers are the cause who profit from your good intentions.

Many wonderful charities really do exist. You’ve heard of them: United Way, the Red Cross, the Society for the Prevention of Cruelty to Animals (SPCA), Doctors without Borders, and local food banks. But you don’t have to limit your giving to familiar charities in order to be secure. Check CharityWatch to verify the legitimacy of any unfamiliar charity.

Your friends or relatives may fall for heartstrings scams and pass the message along to you. Don’t become an additional victim just because the message comes from a trusted source.

Business opportunities and work-from-home scams

This scam has many variations. Most are get-rich-quick scams that should sound too good to be true. They often tell you that little effort is needed to make money. The scammer may promise to teach you how to make money selling on eBay or use the internet in some mysterious way to make a fortune (pay to unlock the secret). 

In each variation of this scam, you must buy something to get started. It may be a book, an ebook, materials, or a supply of products you will sell. You may get something in return for your money, but if you do, it will be snake oil and will not lead to the fortune promised.

A couple of subcategories of this scam predate the internet. They are pyramid schemes and Ponzi schemes. Both are illegal. People who buy into a pyramid scheme, usually by buying products, are promised that money is made by recruiting people to sell the products. People who move up in the pyramid sell opportunities, not products. 

A Ponzi scheme is similar. With a Ponzi scheme, existing investors earn a share of the money paid by new investors. Each of these scams depends on a constant surge of new recruits. You should be able to recognize and avoid these schemes if you are recruited in an email message. One of the dangers of pyramid schemes and Ponzi schemes is that the person who contacts you is often someone you know.

If a business is legitimate, it will have a credible website. The site should have an “about us” page that explains how it makes money, a “contact us” page that lists a physical address, and a page that lists the people who run the business. Check third-party websites, such as the Better Business Bureau, to verify their legitimacy.

Cryptocurrency scams

The debate over whether cryptocurrency itself is a scam is unresolved, even though big business has now gotten involved. Regardless, if you see cryptocurrency in the subject line or body of an email message from an unknown sender, you should delete it. At best, it is likely to be a get-rich-quick scam.

Tech support scams

These scams more commonly arrive by phone than email, and probably everyone on the planet has heard the pitch. The sender usually claims to be from “Windows” (which is not a business) or Apple or “Tech Support.” You are told your computer’s security is compromised, and this “company” wants to help you fix it. If you fall for the gambit, you will give the evil-doer access to your computer. He or she will install malware, such as ransomware, that locks your computer.

Big tech companies will never make an unsolicited call to you. They will never send an email message saying your computer is infected with anything. If, even with this knowledge, you or perhaps a much younger or older relative is victimized by this scam, you can overcome the scammer’s lock without paying the ransom. Check out our ransomware article for more information.

Health scams.

These scams prey upon people’s insecurity about their weight, sexual performance, or aging symptoms. They promise that, without an embarrassing conversation with your doctor or healthcare provider, you can buy a miracle cure. 

The products sold by these scammers are unlikely to work and are at least somewhat likely to cause you harm. Placebos would be safer. Do not buy any health-related products marketed in unsolicited email messages.

Trojan horse email scams

These messages tell you that your computer is locked or infected with malware. You may get a scary popup message. You should not open this type of message and should never pay a ransom. Instead, run a scan with your antivirus program or Malwarebytes. Chances are good that it won’t find anything related to the scammer’s claim.

Fake job scams

Fake job scams are mostly encountered on Craigslist and other job boards where posting is free, but they can also come by email. Be wary of offers of work or a job from an “employer” you never contacted.

Agency job recruiters (often called “headhunters”) are legitimate recruiters looking to make something out of nothing. Employers do hire specialty agencies to fill certain positions, but often headhunters are sitting at their desks with no jobs to fill. They comb the websites of leading local employers and find job listings. Then they send out spam, trying to find qualified candidates. While they are not committing fraud, the scam is that they do not have contracts to fulfill positions with those employers. They merely hope that an employer will pay a commission if they refer someone who is hired. This is a raw deal for a job seeker who may waste time with a headhunter who will be ignored by an actual employer. Furthermore, if the headhunter is desperate enough, he or she may refer you for an interview even if you aren’t qualified. You will waste time and energy.

In the United States, by law, internships must benefit the intern more than the employer. Many employers, especially internet startups, violate that law. Internships must provide a learning experience. A work-from-home internship is a scam. An internship with requirements expected from an experienced professional is a scam. 

Some jobs and “gigs” offer “exposure.” These are also scams in violation of federal and local minimum wage laws. Any jobs that require you to pay money are scams. Jobs that disguise the fact that they are paying less than minimum wage are illegal scams. Avoid employers who pay by the unit (e.g. picked produce, number of words written, number of envelopes stuffed, number of typed pages, etc.).

The worst scams are phishing attempts where no job exists, and someone just wants to harvest information from your résumé. Never give your Social Security number to a prospective employer.

You do not need to spend any money to avoid email scams. You don’t need to be tech-savvy or learn new skills. Your best strategy to protect yourself is to remain vigilant. Be aware of these scams and all their variations so you can recognize them when you see them.