7 clues to spot a (really good) scam email

by | Mar 24, 2018

I was half asleep on a lazy Sunday morning and got an email from Apple advising me my Apple ID had been locked, and failure to validate my details within 24 hours can result in termination of my account. My first thought was ‘crap, I’ve been hacked and need to verify my account ASAP as I don’t want to lose it’ so I clicked the link on my phone, and in my sleepy state didn’t check the details.

I must have woken up a little more, as I thought ‘Really? Delete my account in 24 hours? That’s a bit harsh’, went back to the email, looked a little closer and spotted some clues…

1. Check the language grammar

Even though we may speak to foreign-sounding people on the phone, legitimate emails from large companies will always contain correct grammar in your language. This does not just apply to english-speaking countries. Often the people setting up these scams are sending them out in multiple languages that aren’t their spoken language, so spelling and grammar mistakes are common.

2. Check the email account

In most email interfaces you can click on the ‘from’ field to check who the email is actually coming from. Make sure you check the actual email address, not the ‘from name’ that some email interfaces show. In this case, I can guarantee you Apple Inc are not going to send a verification email out from an address like reservations@travelhotelz.com. Also, who are these people setting up these scams?? And what other scams are they also running with an email account like that?!?!

3. Formatting and spacing

Apple in particular are very precious about their brand, so formatting and spacing errors will rarely get past their plethora of checks before sending an email out. Legit companies generally don’t send out emails with crappy spacing, so have a look around and see if you can see any dodgy formatting issues in the email.

4. What is your browser telling you?

Some browsers may tell you the site is not trustworthy. Take their advice, it’s best to be safe than scammed! In my case I was lazing on the lounge look my emails on my iPhone, so there was little security to tell me this was a dodgy site. But as soon as the penny dropped I checked on my desktop and voila! Google Chrome was on the ball and gave me a security warning.

So, if you’re looking on a mobile device and are unsure of the website’s legitimacy, close it down on your phone and check on a desktop computer to be sure.

Side note – looking at these websites side by side, these scammers have done a damn good job of looking legitimate. They’ve copied Apple’s sign in page pretty damn well, and this is why so many people who aren’t on the ball get scammed.

Always use your EYES and BRAIN when on the internet, don’t trust everything you see and it will save you some heartache.

5. Check the page URL

If you’ve actually clicked the link, got past the security warnings and arrived at the page, or you’re on your smart phone like me and it just loads on up for the unsuspecting user, you still have time to get the %$&* out of there before losing a large amount of cash.

Check the URL of the page you’ve been taken to. Some of these URL’s are long and complicated looking, but if you search through all that garbage for the part of the domain just before the .com, you’ll get a clue as to the provider of this page. Legitimate companies will not use domains such as domainsearchbro.com.

http://manage-support-verification-signinaccountservice.domainsearchbro.com/Login.php?sslchannel=true&sessionid=kPYSfuk0BFXFycUPTm7HrXCHnKdBTP4eE37UxsU97RPF4JuY6CGxAjfX4tzXiEcXHjRfLMoSEeyJX3H4&country=AU

6. Try signing in with the wrong details

I really just wanted to see what would happen when I signed in, but didn’t want to give away ANY of my details, so I made up an email address and password and what do you know, it’s letting me in! Clearly this website has no connection to the Apple username / password database, and isn’t checking your user/pass is correct. Another clue that this is not a legitimate Apple website.

7. Show me the money

And finally, here we are at the money page. Give me all your personal info and your credit card details. At this point alarm bells should be screeching in your ears!! Most companies won’t ask for financial info to verify, they’ll ask you security questions or, at most, the last 4 digits of your card number.

The only time you may have to give over credit card details is when you’re signing up (hopefully you’re signing  up for something legitimate!!), if you’re updating to a new card or your existing card details have expired. Randomly adding credit card details when being prompted through an email is generally not a good idea…

Remember, it's always better to be safe than sorry.

In this case, Apple aren’t going to start deleting email accounts in 24 hours, it’s just bad for business. Your best bet is to call the company the email is supposed to be from and speak with someone about your account

– make sure you get the contact number for the company from a new, separate page and not the one you’ve been taken to from the email –

or ask a trusted friend with knowledge in these areas to look at the email. Chances are they’ll spot some or all of these clues straight up.

Like our blog posts?

Why not sign up to receive them via email, or follow us on facebook.