Email Scams
Email scams are a type of spam and have existed for many years. The list below contains some examples of the various types of scams currently circulating on the internet. The list is not exhaustive, but is meant to represent some of the more common scams that you may encounter.
Type of Scam | Description |
Email Impersonation |
Email impersonation involves someone creating a free email account (ie: gmail.com, outlook.com,etc.) with the intention of it appearing to belong to someone else. This account is then used to communicate with someone in the hope of gaining that person's trust to then leverage it for information or monetary gain, usually in the form of gift cards. See "Gift card" scam below. |
Gift card |
Gift card scams are highly targeted emails that impersonate someone in a high position that requests a subordinate to do them a favour. In this case, the favour is to buy gift cards and send the codes to the requestor, who will, in time, refund the cost for the cards. Of course, no refund will be given and the employees who spend their own money will never get reimbursed for their efforts. |
Extortion |
These emails can be ignored and deleted. There is no potential harm to the recipient. The extortion email claims to have some incriminating or embarrassing videos of the email recipient. The email writer then demands a payment, generally via BitCoin. The promise is that once payment is received the videos will be destroyed and you will never hear from the email sender again. The threat is that if no payment is received in the time period specified, that the video will be sent to everyone in the recipient's address book. |
Invoice |
This scam is highly targeted and requires some inside knowledge by the sender in order to be effective. The scam involves sending an invoice to the purchasing department of an organization. The invoice is made to appear to be from a legitimate contractor that the organization does business with, but the contact and account information are altered so that any payments will be directed to a fraudulant account. |
Lottery |
This scam generally involves an upfront payment (ie: a processing fee) in order to receive a much greater payment, which inevitably never materializes. |
Inheritance |
This message claims to be from a lawyer handling the estate of recently deceased long lost relative, and you are the sole heir as the lawyer was unable to find another closer relative. Similar to the lottery scam, you are then asked to pay a modest fee before the inheritance will be released to you. |
Social Networking |
Watch out for fake friend requests. Scammers may copy an account profile and send out messages to all in the list of friends claiming there is some kind of emergency and requesting that you send money to them right away. To avoid this, be sure that social media profiles have sufficient security controls applied. |
Work from home |
AKA, the mystery shopper scam. This scam offers you the opportunity to work from home as a mystery shopper, being paid hundreds of dollars per week for only a few hours work. However, it generally involves upfront fees for "training materials", or may involve being paid with a fraudulent cheque. |
1 | Who was the message sent to? Was it sent to your email address? Were the message recipients hidden? |
2 | Who was the message addressed to? Did it mention you by name? Email address? Was there any salutation at all? If it is not addressed specifically to you, or the recipients list is hidden, treat it with suspicion. |
3 | Does it express a sense of urgency? Does something need to be done now and you will be reimbursed later? |
4 | Does the request make sense? Is this something that you would expect the supposed sender to request of you? Verify the sender's email address. If unsure, contact the sender using a known good method of contact. Do not simply reply to the email message. |
5 | Is it too good be true? Did you really win a lottery that you never entered? |
6 | What is the likelihood that a long lost relative died, leaving you the sole inheritor of a large estate? |
7 | Is there a request that you send personal information (ie: bank info, credit card numbers, social insurance number, etc)? |
1 | Ignore and delete the message. No further action may be needed. |
2 | Do not click on any links in the message or download any attachments to the message. |
3 | If the scam is related to Social Media accounts, verify the request by contacting the social media contact using a verified and trusted means of communication (ie: phone call, known good email address, etc) |
Published on and maintained in Cascade.