16 common email scams – and how to spot them
Common scams – and how to spot them
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/2b6e2f64-a707-4c0d-a66d-401bf9c32422-Phishing2 shutterstock.jpg)
To mark Scam Awareness fortnight (June 10-23), we look at some of the most common scams doing the rounds on email, Twitter, Facebook and WhatsApp, and explain how to spot them.
Amazon fake order scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/ef883768-c4e4-4ee2-89d3-7d0d2d217316-Amazon-fake-order.jpg)
Given the popularity of Amazon, it's a common target for scammers. In this con, the fraudsters send you a supposed order confirmation email.
In the example we show, we had apparently purchased a ‘Crucial internal solid state drive’ for £125.
The email then asked us to follow a link to a 'Refund page' if we hadn't made this transaction. The link takes you to a fake page designed to look like Amazon designed to steal personal data.
If you are worried that someone has hacked your account, whatever you do avoid clicking on any links in said email. Instead, navigate to Amazon on your preferred browser and check your recent order history.
If there's nothing suspicious there, delete the email immediately.
Amazon 'reward voucher'
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/84e7776f-2b8f-4cc5-965d-d60cff47fe33-Amazon-voucher-scam2.jpg)
In this Amazon scam email, we're told we are in with a chance of winning a £500 voucher.
The offer in these mails is always for a limited time to try and instill a sense of urgency.
The email mentioned us by name, which gave it some credibility, but the spelling mistakes and the fact the email address is clearly nothing to do with Amazon are the clear signs this is a con.
Amazon 'account locked' mail
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/6f3c5ba4-e7b1-4c2b-92bb-ad0977c6bbdf-Apple-phishing.jpg)
This Apple phishing email was shared on Twitter by Kyle Roth. Allegedly from Apple Support, the recipient Alex was informed his account had been locked as a result of too many unsuccessful login attempts from a computer in Russia.
As is the common trend, the link asking you to unlock your account takes you to a fake page aimed at stealing your info.
So how can you spot it's a scam? Dodgy spelling, an unconvincing sender's email address and the fact the login page the scammers created looks nothing like Apple's site.
Apple 'subscription confirmation' mail
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/ff1f3aed-d0fc-4c85-a0e4-e47261670519-Apple-scam.jpg)
This Apple scam is more convincing – provided you have an iTunes account. Similar to the fake order scam from Amazon we mentioned earlier, this mail 'confirms' you have paid for a £35.99 subscription.
What's more, the subscription will automatically renew unless you take steps to cancel.
The 'Cancel / Refund' page is, of course, bogus. If you are worried someone has accessed your account, login separately from this email and check your recent activity.
BT 'cyber breach' scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/66a5d694-2ff5-4f7b-b0bb-91adf14bdd57-BT-cyber-attack.jpg)
Up until now, all the scams we've looked at could be sent at any time. This is an example of scammers making use of a topical event to con victims into sharing their details.
The mail claims to be from BT and warns that, as a result of the recent ransomware attack that made headlines for hammering numerous organisations including the NHS, customers need to confirm a security upgrade.
Needless to say, clicking on the upgrade link is the last thing you should do.
How to spot it's a scam: first of all, it uses the generic term "BT Customer" rather than your name. There is also some creative language being used, such as "Deficiency to do so will result in limited access..."
Just delete the message. If you want peace of mind, you could contact BT using details sourced from your last bill.
Council Tax rebate scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/8d252a9d-c797-46a2-b00d-f30f3559d36c-Council-tax-scam2.jpg)
Everyone hates Council Tax, right? So what could be better than finding out you're due a refund from the taxman. Sadly, this rebate will end up costing you dear if you click on the link and fill out the form created by the scammers.
This con is commonly sent in March and April to coincide with the end of the current tax year and the beginning of the new one.
How can you be sure it's a fake? For starters, that is just about the least convincing email address we've ever seen – it doesn't even have a UK domain name!
Second, it doesn't address you by name and, finally, there are grammatical errors sprinkled throughout the mail.
Delete and ignore.
HMRC refund scams
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/894fe236-f81a-45f9-ab0f-6adf9060882d-HMRC-scam1.jpg)
Keeping with the taxman theme, this HMRC scam email was shared with us by a loveMONEY reader.
As with the Council Tax con, the reader was told she was due a nifty £585.11 refund "after the recalculation of your last fiscal activity."
Aside from the bizarre style of writing, there are spelling mistakes and a dodgy sender's email address.
And, most importantly, HMRC would not email you with details of a tax rebate.
Government Gateway Account scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/a4dda52e-a2ec-4697-ab2a-e7a0a46c09fd-HMRC-scam.jpg)
Similar to the HMRC scam, it's worth flagging up a slightly different approach. This scam works by claiming you are owed cash, but rather than ask you to fill out a form you're asked to set up a Government Gateway Account to claim it.
The Gateway Account is a genuine thing, which allows you to access various Government services online, but of course this scam takes you to a bogus lookalike page.
Lidl fake anniversary voucher message
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/3d559337-d1ce-4514-ba8c-8b94cee47863-Lidl-voucher-scam.jpg)
There are loads of fake supermarket voucher or coupon scams doing the rounds. This specific one we received on WhatsApp claimed to be from Lidl, but it could just as easily be from any of the major supermarkets.
It claims that Lidl is celebrating 25 years in the UK and is giving away £250 vouchers to celebrate. However, a quick search online shows that Lidl has only been in the UK for 23 years.
Generally speaking, anyone offering a voucher who wants you to hand over personal details first should be treated with suspicion.
x
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/730711c0-a77d-43f8-a1db-ed01180edb46-Waitrose-Facebook.jpg)
Here's a similar version that did the rounds on Facebook a while back. It was promising a £75 voucher for Waitrose.
This one looks pretty convincing, but if you look at the date you'll notice it's in the US format of month, day and then year, which is odd for a very British company.
If something seems to good to be true, it probably is.
McDonald's gift card scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/14e64d59-7073-4712-b3d0-638c88b805cf-Mcdonalds-scam.jpg)
Likewise, a complete stranger claiming to be from McDonald's, despite not having a McDonald's email address or the ability to spell McDonald's correctly, probably isn't going to give us a free gift card as promised.
Microsoft 'account recovery' mail
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/43847972-b320-4079-bd1a-2bcb1e5aa6c3-Microsoft.jpg)
This email appears to be from Microsoft and says that “recovery details associated with your account has been tampered with.”
It looks like it's from a genuine address – alert@outlook.office365.online.com – and it mentions you by name (assuming your name is in your email address), so it's easy to see why some might be fooled.
However, it's definitely not a genuine email. Poor grammar is the most obvious clue that this is a scam.
You are directed to click on a link entitled ‘Recovery Settings’. But if you do you are taken to a web page and asked to enter various personal details that the scammers may then use to steal your identity.
If you receive this email, delete it. If you have a Microsoft account you can double check your log-in details by opening your web browser and typing in the Microsoft website address yourself then log into your account.
Nationwide banking scam message
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/28026fe4-e9dd-41e9-a313-727bc273014c-nationwide.jpg)
Fruadsters are targeting Nationwide building society customers with a text message scam that claims a high-value purchase has been made on their card.
To verify whether this was made by the victim, they are asked to call a fraud prevention number that is actually owned by the criminals behind the scam.
While it’s easy to spot the scam if you aren’t a Nationwide customer, it could look convincing if you did bank with the building society.
It’s also worth noting that this scam can easily be changed to reference any bank or building society, so it’s not just Nationwide customers who should be vigilant.
As always, when it comes to suspicious texts and emails, the key is to never respond directly.
If you want to verify the information contained in the message, contact your bank or building society on a number that you have looked up separately.
NatWest fake Twitter support account
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/3f2f8d63-af37-455f-ab24-c24dce2e7fe4-NatWest-fake-Twitter.jpg)
As more people turn to Twitter in order to get customer support from their banks, criminals have starting seting up fake accounts that look just like genuine accounts.
They trick unwitting customers into visiting bogus websites or clicking on malware links so that the fraudster can steal their financial details.
Apologies for the grainy quality of this picture; it was the highest quality one we could collect before the account was deleted.
As you can (hopefully) see, it's designed to look like the @Natwest_Help account, except it contains the letter 'T' on the end.
The picture also shows how the criminals are attempting to direct customers to click on phishing links.
As with the Nationwide scam before, criminals are mimicking all major banks so everyone should be on the lookout for this con.
WhatsApp subscription charge scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/cce39ebb-7f12-42bc-a9b2-6324b2871a42-Whatsapp-subscription.jpg)
WhatsApp users are being targeted with a new scam aimed at stealing their bank details.
Criminals are sending messages claiming that the user’s subscription has expired, and that they need to purchase lifetime access for 99p by following the link included.
However, the link takes you to a page managed by the scammers.
This is a particularly clever con as WhatsApp did charge users 99p in the past, and only went free in 2016.
Tasco Banking scam
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/99d01e49-d2df-4852-a9b7-931f20475542-Tesco-bank.jpg)
Last, but certainly not least, is the classic bank phishing email. If you check your junk mail there's every chance you've already received one today.
There's an almost infinite number of variations, but the gist is there's an issue with your account and you need to fill out a form or phone a number, at which point your details and funds are pinched.
The example pictured above is supposedly from Tesco, despite the sender's email reading rtfritz@ptd.net.
The email begins by referring to us as "Customer" rather than by our name, and asks us to click on the link to avoid "temporal deactivation" of our account.
How to stay safe from scammers
![](https://loveincorporated.blob.core.windows.net/contentimages/gallery/6d729bd8-316d-403a-9fcc-b792028e3c31-Scam emails shutterstock.jpg)
You'll notice that the the advice for protecting yourself from these various scams is broadly the same. Whether it's an email, tweet or text message, do not click on any links or respond directly.
As our readers regularly point out when we cover thse scams, simply using common sense should keep you safe. If something sounds too good to be true, it probably is.
If you really don't feel confident enough to simply delete a message, contact the company in question by researching its details separately (perhaps by looking up its number on a previous bill, or looking it up on a search engine).
Comments
Do you want to comment on this article? You need to be signed in for this feature