• Routing # 253279031

    • Delete, Don't Click: Protect Yourself from Email Scams

    Published by on

    We’ve all been there, quickly reviewing our email inbox when an email catches our attention. It looks legitimate at first — an email from a delivery service, vendor, or reputable business urging you to act quickly. Before you click on any links, use caution to ensure it’s not a trap.

    According to the Federal Trade Commission, scammers stole over $12.5 billion from Americans in 2024. This number includes email scams, which are becoming more sophisticated and harder to spot. Protect yourself and your loved ones by learning to identify common email scams and what to do if you are targeted.

     

    Common Email Scam Tactics in 2025

    AI-Powered Phishing. As the use of AI (Artificial Intelligence) technology continues to expand, criminals are using it to their advantage to design emails that look legitimate. Scammers utilize AI to create realistic-looking emails, often designed to mimic legitimate companies, institutions, and people you know.

    Fake Websites & Apps. The links provided in scam emails might lead you to a website or app that looks identical to the legitimate one. Scammers design these websites and apps to make you feel familiar and comfortable entering your login information, which they steal.

    Urgent Requests. Scammers may use time-bound messaging to claim a problem with your account and urge you to “verify” information or transfer money to avoid any consequences, hoping to rush your better judgment.

     

    How to Recognize an Email Scam

    Recognizing an email scam can be straightforward if you know what to look for.

    • Unsolicited emails that request personal or financial information should raise red flags. For example, you receive an email from someone posing as a social media website. The email requests that you log in using the link attached to verify your password and other information to avoid your account being banned. The link leads to a fake website that will steal your account information once you log in. Legitimate companies and institutions will never ask for your password, one-time access codes, or full account numbers via email, text, or unexpected phone calls. 
    • Be cautious of emails that use urgency-based messaging to skew your judgment. For example, an "Urgent: Final Notice" email from someone posing as an IRS agent requests a “back taxes” payment within twelve hours to avoid severe legal consequences. Scammers use this type of messaging to scare and limit the victims' time to think about the information or payment requested and who is asking for it. Government agencies, like the IRS, will never request payments or threaten consequences through email.
    • Additional common indicators of a scam email include the sender’s email address and linked website URLs having different characters from those received from a familiar contact. For example, you receive an email claiming to be from your bank, but the sender's address is "security@yourbankk.com," and the linked URL in the email is "yourbankk.com." The use of the extra character, "k," is an example of a common tactic scammers might use to design their email addresses and URLs to look similar to legitimate ones.

     

    How to Protect Yourself

    To better protect yourself and your loved ones against email scams, consider implementing the following defenses:

    • Use strong, unique passwords and enable multi-factor authentication on all personal and financial accounts. This protects you against scammers accessing all your accounts if they somehow get information for one of them.
    • Never click on suspicious links or download attachments from untrusted or unfamiliar sources, such as an email, website, or text message.
    • Always verify information and payment requests by contacting the company, institution, or person directly using the phone number(s) or email(s) listed on their official website. Never use the contact information provided within an email that you deem suspicious!

     

    What to Do if You Suspect an Email Scam

    If you believe you have received a scam email or that your account may be compromised, contact the company, institution, or person the scammer is attempting to portray and the local authorities as soon as possible. Reporting the scam quickly can significantly reduce the chance of the scammer misusing your information and assist authorities with tracking scam patterns.

    Meanwhile, change your passwords and closely monitor your accounts for any unusual or unauthorized activity. Early detection of suspicious actions can help protect your assets and assist with reporting to the company or institution before significant transactions occur.

    Finally, report the incident to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov. The FTC uses these reports to investigate and prosecute scammers, share information with the public about new or ongoing scams, and identify trends to further educate consumers.

     
    Tags:
    Back to Blog

    Related Articles