Spot the Spam, avoid the Scam

4 Jun 2015 Ian Kelly    Last updated: 4 Oct 2018

Be aware of the details to look out for in a potentially suspect email and avoid being conned out of your personal details, computer security or your money.

Somewhere between 50 and 90 billion spam emails are being sent on a daily basis and make up approximately 75% of all email traffic (Source: Commtouch) The most common type of spam these days and the one with the most potential for damage is the phishing email. Phishing is a method used by scammers to attempt to fool you into falling into their trap and handing over your personal details or account information.

Despite valiant efforts being made to filter, junk or block these there is always a risk of a false positive and one or two nefarious emails slipping through the net. Some of these are very obvious and can be easily avoided, unless you really have just recently lost a distant relation in South Africa who just happened to be a Prince looking to leave you his inheritance?? On the other hand there are quite a few very committed con artists who put a lot of effort into creating a quality scamming system with a concerted effort into creating a sometimes indistinguishable replica of a bank email, or will make efforts to find out your organisation structure and create an internal targeted email from a senior staff member.

How to spot one:                                                                      

  • The sender address
    Does it differ from the organisation it is reportedly from? (eg. @pay-pal.com ; @e-bay.co.uk ; @hsbcpayments.com)
  • Check any link before clicking
    Hover your mouse over the link, does it reflect a familiar website address or a false one? Also be wary of any shortened links (bit.ly or tinurl.com etc.) these can connect to any site. (Check links here first: http://onlinelinkscan.com)
  • What is the purpose of the email?
    Does it just happen to be trying to scare you into thinking one of your accounts have been compromised? Click here to check or reset your password etc. This should be ringing alarm bells
  • Is it from your bank?
    In most cases your bank will never contact you regarding the security of your account or any breaches thereof, by email. They will always contact by phone or letter. If it is a statement notification, check all of the above before clicking anything.
  • Is it an unusual request?
    Has your Director just asked you to wire some money to his off-shore account? Don’t reply, always check this out with the staff member first and make your systems administrator aware, as the actual replying address may differ to what you see.
  • Spelling or grammatical errors
    This may seem obvious, but a few minor errors in the content should ring alarm bells for further checks.
  • Check for attachments
    If someone has asked you to check the attached invoice, delivery note or other in the format of a document, zip file or other unknown file type, do not open or save these files. They are also a good indicator that the email is not what it says it is.

What to do if you receive a possible scam email

  • Don’t click on any links within it.
  • Don't open any attachments.
  • Don’t reply to the sender, you will only validate your address.
  • Never give any personal information.
  • Report it to whoever looks after your IT system, they can blacklist senders.
  • Report it to Action Fraud.
  • Find out if you have a filtering system in place, if not look into one (see below).

Further Information:

For more information, please contact [email protected].

The opinions, views or comments in this article do not necessarily reflect any views or policies of NICVA.
ian.kelly@nicva.org's picture
by Ian Kelly

Systems Administrator

[email protected]

Not a NICVA member yet?

Save time, money and energy: Join NICVA and you’ll be connecting in to a strong network of local organisations focused on voluntary and community activity.

Join Us

NICVA now welcomes all small groups for free.

Read more on...

ICT