Customer Service Guru Powers: How to Detect a Spam Email
If I could get fewer confusingly realistic phishing and spam emails, that would be great. However, with 260,000,000 scam emails sent every day, it’s unlikely that they’ll stop turning up in my inbox any time soon.
So, using customer service powers to figure out what a company would never do in an email to its customers, and by researching spam detection techniques from across the wide, scary internet, I’ve put a guide together to help stop innocent rubes like me from falling for a scam email.
Check the sender
Legitimate companies send emails from addresses based in their company server. If you hover over the “from” section, you should see the email’s origins and who it was sent to. For example a notification email from LinkedIn should come from “email@example.com”, and receiving one from “firstname.lastname@example.org” is definitely a sign that the email is not legitimate.
Similarly, if your own email address appears as the sender’s address, or the “sent to” section has many other email addresses in it, you should be very suspicious. A company will always email you individually, and attempt treat you as a valued individual customer – not cram two hundred people in the recipients box and fire away.
Check the spelling and grammar
While it may seem like a poor tactic on the part of scammers, many scam emails intentionally include atrocious spelling and grammar, among other clues that the email is not legitimate. This is not carelessness or lack of ability on their part, though – it’s a deliberate tactic used to isolate easy targets. Someone who is not as observant or critical will not notice the ‘mistakes’ and will click whatever the spammer has sent, indicating that they are an easier target than the people who just bin suspicious messages.
The scammers will then concentrate their efforts on their unfortunate victim in an attempt to exploit them as much as possible.
Beware clicking on links
This should really be obvious, and you are probably already very wary of clicking a link embedded in an email – for good reason. A company email will rarely include direct links, and if it does, they will be anchored to text, like this.
It will never just be a long, bare link in the text body, so be careful around emails with these exposed links sitting in their text.
You should also treat attachments with extreme care, particularly if the email claims to be from a business or service that you use. They will never send attachments in emails, so if you see one, do yourself a favour and don’t open it.
Look for your name
Look for your name: no company would ever, ever address a paying customer without using their name. You gave your name to the company when you gave them your email address, and they will use it! It goes against every ounce of customer service knowledge to call you by a number, or omit a title altogether and just call you “valued customer”.
Scammers, however, want a generic email they can send to hundreds of people, so figuring our your name and using it is not in their interests. If an email opens with “dear customer reference #890254”, you know it’s bollocks.
Compare the email to others from the company
You will probably have a good grasp on what a certain company’s emails look like already, even if you don’t know it – you’ll simply know that something isn’t right when you see a fake version of the company’s emails.
A real company email will include the company’s logo, and will have a mix of images and text that fit the company theme and create a recognisable brand. It will also use a distinct tone of voice and follow a specific structure that spammers most likely won’t. If you have another email from the company, compare the two side by side and notice what the suspect email is doing differently.
Don’t be fooled by urgency or attempts to panic you
A real company email will never try to create a sense of urgency and panic with its emails. Attempts to hurry you and claims that you have brief time limit to click on something or activate something are deeply fishy and shouldn’t be trusted. Recently I personally have started recieving emails that claim to be receipts for considerable purchases made on my account, with convenient links to “get a full refund” directly underneath. In this case, the fear of being hacked and losing money creates the sense of urgency, and people click through without considering how suspicious the email is, or how awfully convenient that “get a full refund with one click” option was.
If in doubt, bin it and contact the company directly
If in doubt about an email, simply delete it and contact the company directly concerning the subject of the email. If it was sent legitimately by the company, they can either re-send it or work out the details over the phone or by email. If it was sent by scammers, your deleting it and contacting the company yourself resets the balance, getting rid of the scammer and allowing you to talk to the people you really want to be in contact with. Better safe than sorry!
Credit for the banner image goes to Warren Price Photography at Shutterstock