< Back to Insights

Tips on how to spot an email scam

Reading time: 10 minutes
Scottish FriendlyFebruary 26, 2024

Here are some top tips to follow to avoid email scams and safeguard yourself from fraudsters trying to steal your personal information and bank details.

What is an email scam?

Email scams, also known as 'phishing' scams, have become increasingly common as fraudsters come up with new ways to try and steal your personal information and bank details.

These scams often involve a fraudster sending you an email pretending to be from a well-known provider or retailer. The email typically contains links that when you click on them, send you to a spoof website where you're asked to enter your personal information. If you do this, you'll sadly be sharing your details with the scammer.

In some cases, scam emails contain malicious software which can infect the device you are using with a virus. If you think that an email might be from a scammer, then the best action is not to click on any of the links or download any the attachments in the email. Stay security-savvy and ensure your antivirus software is always up to date, giving you an extra layer of protection.

How to spot an email scam

Email scams can be incredibly tricky to spot. Follow our top tips to spot and avoid falling for a scam.

1. Check the sender's email address

This can be a good way to spot an email scam immediately, as a scam email will usually come from an email address that is unrecognisable. It may consist of random numbers, letters or words that have nothing to do with the organisation, which is a good indicator that it is an email from someone trying to impersonate them.

To find out if there’s a scammer behind what appears to be a genuine email, you can also hover your cursor over or even right-click on the sender's name. This will mean that you should be able to see the email address behind it.

2. Is the greeting impersonal?

Some email scams include your name in the first line of the message. However, not all do.

Sometimes scam emails will just say 'Hi' and not include your name, or in some cases your email address will be used after 'Hi'. This impersonal approach implies it’s likely to be a scammer behind the email, giving you the sign not to respond or engage with it in any way.

3. Check contact information and dates

Hover your cursor over anywhere you'd usually expect there to be a link in the email.

A good place to start, for example, is at the bottom of the email by checking for 'contact us' buttons or even links to terms and conditions. 

By hovering your cursor over any links, you can see the URL (website address) that you'll be sent to without you having to click on them.

It's also worth checking if there are any dates in the email that are correct or not. Often scammers will forget this level of detail.

4. Check the branding

Another check you can make is by looking at the quality of any brand logos that appear in the email. For example, if the images are pixelated (blurred), this can strongly indicate that you have received a scam email.

Now play Sherlock Holmes. Compare the branding in the email to the company's genuine website or any genuine emails you've received from them in the past. Elementary, my dear Watson!

5. Check if the linked website is legitimate

If you've clicked through to a website from an email thinking it is genuine, then double-check the authenticity of the website before you enter any details. 

This domain information checker link (just so you know, the link will open in a new window. These links are an external organisation, and Scottish Friendly is not responsible for their content) Who.is will show you when the website was created. If it was created recently, it's likely to be a dodgy one.

If it’s a big brand or company being impersonated, it's time to play Sherlock again. Pen a new tab and visit its genuine website to compare the URLs.

If you haven't yet clicked a link but are being asked to do so you can, for example, access a message on your account, avoid the temptation to act quickly.

Instead, open a new browser tab and go to the company's website to log in to your account. If no message or alert is present in your account with the company, you'll know the email is someone trying to impersonate them and it's dodgy.

6. Is the email asking for personal information or bank details?

If an email asks you to update or re-enter your personal information or bank details out of the blue, it is likely to be a scam.

Most companies will never ask for personal information via email. At Scottish Friendly, we will never email or call you to disclose or verify your debit card or bank account details. If you are contacted or receive an unsolicited email which asks you for these details, it is likely to be from a scammer.

7. Does it have poor spelling, grammar and presentation?

Whilst scammers are getting much smarter at better presenting phishing emails that are more or less free of poor spelling and grammar, you should still watch out for these tell-tale signs.

A lack of consistency may also be noticeable with the presentation of the email, for example it may include several different font styles, font sizes and a 'mishmash' of logos.

8. Is it trying hard to be 'official'?

Scammers often try way too hard to make a suspect email sound official. There's a number of ways to spot this, including by using the word ‘official’.

When you think about it, in a truly official email you're unlikely to see content that's shouting about how official it is.

Scam emails may also contain information such as account numbers and IDs designed to trick you into thinking the email is genuine. In this scenario, a good check would be to compare them against your records to see if they match.

9. Is it trying to rush you?

Fraudsters will try to pressure you with time-sensitive offers, because when we make fast decisions, we often don't take as much time to think and notice what we might see otherwise with more time to consider. Often they will be encouraging you to act now or miss out on ‘exclusive’ deals.

So it's important that you allow yourself to take your time, to make all the checks you need. If the message relates to an account you have with a service provider or retailer, you should log in separately to your account in a new tab or window

Isn't it better to miss out on a genuine deal than risk compromising your personal details?

10. Check with the company

If you’re still unsure whether a scammer is behind the email you received, get in touch with the company featured in your email directly via social media, its 'contact us' page or pick up the phone. Genuine providers will be happy to help you and will want you to get in touch with them, so that they can help you to keep your data safe. By contacting the provider, you may also be helping them to look after and alert other customers or relevant establishments of any potential wrong doing to prevent customer harm.

Big companies are sometimes aware of scams and publish advice for customers on what to watch out for. You can visit our support hub to see our helpful information.

Our latest posts

Autumn Budget 2024 – An Overview

Reading time: 5 minutes
Scottish FriendlyNovember 1, 2024

Friendly Glossary of Terms

Reading time: 15 minutes
Scottish FriendlyOctober 7, 2024

Some of the factors that could influence investment performance

Reading time: 8 minutes
Scottish FriendlyOctober 3, 2024

Newsletter sign up

Be the first to hear about our special offers, latest news, product details and handy financial tips.

By submitting your details you are confirming that you're happy to receive newsletters from Scottish Friendly. Your information is important to us and you can unsubscribe at any time. Please read our Privacy Policy for full details.