I received an email earlier today that is quite sneaky, and has been fairly well put together to scam people.
If you have a subscription to an anti-virus or security suite provider, such as AVG, Norton, McAfee, CA, Trend-Micro or any of the numerous others, then you will quite likely receive emails on an annual basis letting you know that your subscription needs to be renewed, or offering you upgrades, or some other deal.
If you have a look at the screen shot below of the email I received, there are a few things to look out for:
- Check the from name. These can easily be faked, but many scammers don't, and in the case of the email I received, as you can see, the from name is simply a generic name: "Antivirus & Security. Every security suite provider I have dealt with uses their name as the from name, or at least as part of the from name.
- Check the from email address. These can also be faked, as you can see in this email, it is just a Gmail address. Legitimate providers will usually email from their own domain name, not from a free webmail account like Gmail.
- Check the email subject. In general security suite providers will mention their name in the subject, and if for example it is your subscription that needs renewing, they will generally say that in the subject, for example it may say "Subscription Renewal Notice" or "Subscription Expiry Notice", or anything similar. This one simply offers complete antivirus protection solutions for download.
- See what they have to say. This particular email has referred to me as a valued customer in their opening by saying "Dear valued customers", this is designed to make you think you are already a customer, thus encouraging you to trust them and to subsequently do what they are asking you to do. In my case, I don't have any current security suite or anti-virus suite subscriptions that are related to the email address this email was sent to, so that puts me on alert to start off with.
- Pay attention to the spelling and grammar. Often scam emails have bad spelling and grammar, on the other hand legitimate emails from your provider are generally written by professional writers and checked over to ensure they are clear with no spelling or grammar mistakes that may lead to confusion.
- Look for branding. If all else fails, this can be key, what is the branding in the email? Does it match your subscription provider? In this email there is no branding at all, even the copyright statement in the footer simply states "Antivirus and Security".
- What does the fine print say? Sometimes there isn't fine print, but in this particular email the fine print states that the provider has nothing to do with any software, they just provide links to it, and what you do beyond there is up to you. So this can give you a bit of a hint to how legitimate the email actually is.
In the end it comes down to you, your anti-spam software might catch a lot of spam, but some things are going to be very similar to legitimate emails, which means either legitimate emails will get filtered as well, or the fake ones can't. Sometimes you can get around this, but most of the time it's not possible, or at least not feasible.
The bottom line, be careful what links you click in emails and what information you give out on the internet.