/ Technology

Have you ever fallen for a scam email?

Have you ever been sent an email saying you have a delivery on the way? Did the email ask you to open an attachment holding further details? Were you expecting a delivery? If not, then it’s most likely a scam!

Scam emails are an increasing threat, and if you’re unlucky enough to open the attachment they contain, your computer could be infected with a virus.

Spammers are thinking of more weird and (frankly, not) wonderful ways to infect your computer, so you need to be even more diligent with emails you aren’t expecting.

If you don’t recognise an email address, don’t open the email. If someone claims to have a delivery for you, and you aren’t expecting one, think to yourself: ‘How did they get my email address?’ Why didn’t they just attempt a delivery and leave a trusty old-fashioned ‘Sorry, you were out’ card on your doormat?

Don’t touch that attachment

We recently had an email sent to the Which? Computing Helpdesk from a reader in this exact position. He’d received an email with an attachment he couldn’t open and asked for our help. The thought that it was anything but a legitimate email hadn’t crossed his mind, even though he admitted he wasn’t expecting any deliveries.

After supplying me with the sender’s email address, a quick Google search found that the email was from a domestic courier company in America! Not only that – there were also lots of forum results with people advising others that this particular email was a scam and that it would install a virus if the attachment was opened.

Thankfully, this reader’s spam filter had worked in his favour, stopping him from opening the attachment and leaving his computer safe and virus free.

Don’t get scammed, get savvy

In an ideal world no one would send scam emails and no one would get caught out, but unfortunately, there’s no getting away from them. In today’s world of internet banking and shopping, it’s best to be slightly suspicious when dealing with emails.

The question is whether you think more can be done, either by email providers or ISPs, to stop scam emails from being sent and putting you in a vulnerable position in the first place?


I have not fallen for a scam email, but I may have binned a few emails that were legitimate.

I do not understand how anyone is taken in by scams, but maybe I have not seen any that are very clever.

jenny says:
10 January 2012

I have fallen for a scam before, i saved up £50,000 of my life savings; Mr Akedakwengu said that he was a Zimbawe leader and that he would use the money for investement banking; turns out my life savings hwne straight into his bank account and he then he became a Refugeee bye bye my moneys 🙁

Anon the mouse says:
10 January 2012

Just a couple of further tip…. Even if the email comes from a “trusted” account be cautious, faking an email address can be done in about 5 seconds.

Also if you think that the email from your bank,etc is legitimate, Open your browser and type in the banks webaddress directly. NEVER CLICK THE LINK.

Good advice, but beware of the fake websites with similar web addresses because mis-typing could take you to a rogue website. I have always found that the real web address appears when I do a Google search, though I do always check that it looks plausible.

Never fallen one. And I too have more than likely deleted legit emails cos of they why they use embedded links.

i.e. If the link says http://www.legitcompanywebsite.com then when I hover the mouse over it I expect to see exactly that in the address bar, and not http://www.wechoosetooutsourceourmarketingtosomeothercompany.com/redirect?=www.legitcompanywebsite.com or even simply http://email.legitcompanywebsite.com

If they can’t be truthful with the links I’m not interested in anything they have to say to me

And please nobody click on the links, even through I just made them up, you can never be too careful.

I also use the ‘hovering’ technique to weed out possible scam sites. However, you have to remember that a scammer can engineer the link so that even though hovering appears so show a legitimate link, the link you’re actually taken to is hidden and malicious.

I’ve received one or two scam e-mails and, on advice I heard online (http://www.actionfraud.org.uk/), forwarded them to this address to be investigated: email@actionfraud.org.uk. Hope this helps!

Action Fraud was mentioned on one of the Which? Conversations about the phone scam relating to computer problems. It would be good to hear from anyone who has found this useful or otherwise.

Particularly if you read between the lines AND as to nature/contents
of message AND as to quite often poor use/ command of the language,
you can spot them a mile off.

Never ever been taken in by these rogues.

I see them
I bin them

I can’t believe that anyone is naive enough to ever fall for them, especially the Nigerian CAPITAL LETTER scams!

I’ve never fallen for one – but have reported two very plausible ones.

The ‘rules’ are clear – do not answer “cold call” e-mails that have attachments – and no legitimate company asks you to rectify your details on-line.

Nasty spam this morning purporting to be from bhlive.

It is an invoice for 9 tickets costing £145 to probably a pantomime as 6 are for children and they are for 23rd Dec.

It has an attached zip file that supposedly contains the tickets. I dread to think what is in the attachment but I can imagine a lot of people will get caught out as the email looks very real and even the headers look real. It also shows the last 4 digits of a credit card number. I did check to make sure I don’t have one ending in those digits!

Full marks to Bournemouth Pavillion for putting out a recorded message saying they are aware of the problem and putting peoples minds at rest.

Which? fills many column inches on the subject of spam/phishing, but I always think it is missing the easiest solution of all: Gmail.
I have used Gmail for several years now, and its spam filter is extremely efficient. Every day I get from 3 to a dozen+ emails diverted automatically to my spam folder.
I work a system of reviewing the titles and marking the new ones as “read” (without opening them) and as I do this I can check for any that are not actually spam or junk. Very, very occasionally I’ll find an email that I think should not be in the spam folder, but only once in the last six months can I recall a phishing email arriving in my inbox.
Why all the fuss?

Gmail is certainly very good at separating emails that I want, from spammers. But I find that after a month I have 2000 emails in my spam folder until Gmail automatically erases them. I do erase them myself daily. I wish that there was a setting in any of the email providers that I could adjust when the spams were deleted. Perhaps after 3 days.