/ Money, Technology

Could you spot a scam email?

scam email

The Office of National Statistics reports nearly six million fraud and cyber crimes are committed every year, with one in ten falling victim. So are you savvy at spotting scams or could a fraudster fool you?

If I believed everything I read in my junk folder I would be the lucky winner of countless competitions I didn’t enter, apparently several banks need me to urgently confirm login details and PayPal is threatening to close my non-existent account.

Many scam emails are easy to spot – any message addressing me as a ‘valued customer’ is immediately expelled to the virtual bin. But, so-called ‘phishing’ attacks (messages that attempt to trick you into revealing personal or financial information) have become increasingly convincing.

Spotting a scam

For the first time, the Office of National Statistics has revealed the true scale of people hit by cybercrime and fraud showing that people are 20 times more likely to become a victim of fraud than they are of theft.

When we asked over 1,000 members of the public if they could spot the difference between real and spoof emails, we found that many people were fooled by more sophisticated scams.

A quarter of them fell for a fake BT email asking customers to update their email addresses – the links embedded appeared as ‘bt.com/ linkemail’, but in reality these led to a bogus web page where scammers could potentially steal their details.

An Apple iTunes message asking recipients to confirm a specific purchase split the public right down the middle: 50% correctly identified it as a phishing attempt, but the rest were either unsure (27%) or convinced that it was a real message from the company (23%).

The public were on the ball when it came to a ‘NatWest’ email though, which 79% correctly identified as a fake. And a ‘PayPal’ email which 74% recognised as a scam.

However, in both cases a handful of people were duped by the forged sender addresses which appeared to come from the real companies. If they’d fallen for these messages in real life, they might have handed scammers everything they needed to commit ID fraud – or even raid their bank account.

Test your scam spotting skills

So how do you think you’d fare at spotting a scam email, why not put you scam spotting skills to the test in our quiz.

How did you do? The truth is it can be tricky to spot some scams as some can be very sophisticated and convincing. Fraud has reached record levels costing us £9bn every year. That’s why we’re calling on the government to take action and ensure businesses are doing enough to help safeguard us from scams.

So have you come across any dodgy looking emails recently? What did you do with them?


Is that quiz in the above Convo for real ? .I labeled them all fake , it said 3 out of 7 but some got passed you ?? Really ?? NONE got passed me , I pass myself 100 % safe . Because some were real you judged them as allowing fake ones to pass through -wrong ! . Thats twisted logic . For the record —its been many years since I let an bad email through–scammers/ rip-off emails / phishing emails etc . In the early days of Internet use –yes but now I can not only see them as fake , I can smell them as fake, Look at the URL for a start and there are other ways to see if it is genuine or not.

tim says:
24 July 2016

Fully agree, Duncan. I’ve just failed the first example(by marking it as fake). But the loss for marking a real email fake is minimal compared with the other way round. And the test emails did not allow you to test where they’d come from or where the reply would go. OK as consciousness-raising exercise, but must be marked down heavily for not taking into account relative risks!

Marilyn Smith says:
28 September 2016

Lucky you – after the first one all I got was black, blank pages!


Marilyn – do you have any security plug-ins relating to java script or other types ? I have disabled two of mine on Which otherwise I would have big problems .


I agree with Duncan. No responsible company should be expecting us to click on links in emails. The only safe advice is to ask us to look up the contact details of a company (or other organisation) and contact them. I have not been scammed and don’t expect to be.


I managed 6/7, but a couple I put as real i was nervous about because they contained links. I ignore any links in an email and go direct to the site, either through a web search or, it is my bank etc, through the link I have stored. You never know whether a link purporting to be an email response, or an opt out, is what it says. (Well, experts no doubt know looking at the URL, but most won’t I suspect). We should encourage institutions that may make us vulnerable not to use links.


URLs can be spoofed, just like email addresses. Many of the links don’t even show the URL, just a button or highlighted text. This has been known for years and it needs more than encouragement to address the problem.

Which? should not recommend any company that fails to take security seriously.


wavechange – email URL,s can still be spotted even if they block you by “boxing” part of it and adding > which stops you getting the full URL . As a matter of fact (BT are you listening ) a persistent guy is still trying this out thinking i am stupid enough to to click on porn etc . Never going to happen ! but it shows up Critical Path very badly.


For a deeper analysis , for those unsure of whether to click on a website go to -scamadvisor.com and urlvoid.com , input the website and they will let you know if it is legit or not . Both of those organisations are of long standing and good reputation on the web.