In the golden age of the internet, where your fridge might talk to your toaster and your cat has an Insta following, scam emails still remain as stubbornly old-school as ever. Some are about as subtle as a rhino in a pink tutu, while others are sneaky little digital con artists, lurking in inboxes like that dodgy con-sultant waiting for the tech director with a latte on a Monday morning.
So how can you spot real emails from the dodgy one from your son who has lost his debit card while backpacking and needs you to wire him £1,000?
You’ve probably seen emails like these many a time:
From: 102.g.lookee@looksgood.xxx
Subject: “Urgent require of your help!!!”
Body: “Hello dear I am needing your bank informations for trust transaction of $13,000,000USD please act swift!!”
Honestly, if your inbox had sound effects, these would arrive with a loud “SCAM ALERT” klaxon and flashing neon lights. They’re riddled with bad grammar, more exclamation marks than a teenage group chat, and email addresses that seem to have been created by a cat walking across a keyboard. They’re easy to spot; delete and empty your trash box!
But twenty years on from when you missed out on your distant cousin’s regal legacy, it has got a bit more cunning. These emails might claim to be from Amazon, PayPal, HMRC, or some other organisation you’d rather not upset. They often:
Look well-formatted (fancy logos, footers, the whole works)
Say something alarming like “Your account will be suspended” or “Suspicious login detected”
Include a button that says “Click here to verify your details” (spoiler: don’t)
But look closer and you’ll often find:
The sender’s name says “Amazon Billing Department” but the email address is amazon-bills-confirm2024@cashgrab.net
Weird or overly urgent language, like a panicked robot: “IMMEDIATE ACTION REQUIRED!”
A generic greeting like “Dear Customer” (because they don’t know your name)
If someone really wanted to protect your account, they probably wouldn’t email you in “caps”…
Sometimes the email is from someone you know. A colleague, a friend, your Aunt Susan who always bakes those weird lavender scones over Easter, and yet, something feels off:
The message is vague: “Hey, check this out!” followed by a link that smells like malware.
The tone is wrong: Aunt Susan never uses phrases like “bro” and still thinks Snap is a game to be played at Christmas when she’s had a couple of sherries.
There are attachments with mysterious names like invoice_doc_final_final_NEW.xlsm
However, real people’s accounts do get hacked and this is where it gets dangerous because when they do, the messages that land in your inbox look far more trustworthy. If in doubt, don’t click; just send a separate message to the person (via another channel if possible) and ask, “Did you mean to send me this an Excel file while you were on holiday in the Maldives?
If you’re ever in doubt, here’s a quick checklist:
✅ Check the email address, not just the display name. If it says “Apple Support” but the address ends in @totallynotapple.helpme.ru, run.
✅ Don’t trust links, move your mouse to hover before you click. If the link says paypal.com but the hover preview says paypal-security-verification.trouble.biz, that’s your red flag flapping in a scammer wind.
✅ Spelling and grammar still matter. It’s 2025. If a multinational corporation can’t string a sentence together, it’s probably not them.
✅ Think about what they’re asking. No real company needs your password, your full banking details, or access to your webcam “for verification.”
If an email gives you the heebie-jeebies, trust that gut instinct. Call the person it’s supposedly from or go to the actual website rather than clicking the link. Call your IT-savvy mate.
I’ve got to the point where I haven’t answered any unknown callers for many years; if you’re not in my contacts list, chances are 99.99999% that it’s either a scammer or they’re working for a local charity that doesn’t feel that GDPR applies to them. Either way, I am not letting them into my life.
Photo by Hannes Johnson
