Table of Contents
What is Scamming?
How Scamming Works
Some of the scamming schemes include:
- Tech support scams: A fraudulent company informs you that you have a virus and asks you to hire them to fix it.
- Foreign money exchange scams: You are offered a large payment to help with a foreign transfer of money, but first you must pay fees or taxes. This is also commonly referred to as a ’Nigerian’ fraud.
- Charity scams: A national or personal tragedy occurs, and scammers send emails asking for donations to help the victims. The donations go to the criminal, not the victims or any legitimate charity.
- Current events-based scams: It’s not unusual for scammers to try to monetize tragedies, such as hurricanes, the COVID-19 crisis, and other disasters. Scammers prey on an individual’s sympathy, charity, or fear.
- Investment scams: Scammers impersonate stockbrokers offering financial advice or low-risk, high-return investment opportunities.
Unfortunately, many individuals fall for email scams, unwittingly sharing sensitive information or making payments to scammers.
Why Scamming is Important
How to Avoid Scamming Attacks
Deploy spam and virus filters. If your email security spam filters are properly set up, most spam and many scamming messages will never make it into your users’ inboxes. Make sure your filtering includes virus scanning, spam scoring, real-time intent analysis, reputation checks, and URL link protection.
Do not respond to spam. People are curious enough about scams that they respond either out of curiosity, to unsubscribe, or to ask for more information. By responding to scamming emails, you demonstrate to senders that your email address is valid, and this will lead them to send you more spam. Train your users to avoid responding to or forwarding spam messages.
Get AI-based protection. Attackers are adapting their techniques to bypass email gateways and spam filters, so a good spear-phishing solution that protects against email scams is a must. Artificial intelligence-based protection can identify and block abnormal messages and requests that could signal email scams.
Train users to identify email scams. User security awareness training helps every employee recognize, avoid, and report potential threats that can compromise critical data and systems. As part of the training, mock phishing and other attack simulations are typically used to test and reinforce good behavior.