Every time you get an email you should be checking to see if it is real. There are some very easy ways to spot of a scam which can save you time and heartache.
You can also watch this video at YouTube.
Watch more videos about related subjects: Security (133 videos).
You can also watch this video at YouTube.
Watch more videos about related subjects: Security (133 videos).
Video Summary
In This Tutorial
Learn how to identify scam emails by examining various clues like the sender, links, phone numbers, and formatting. Understand how to investigate further if you're unsure about a message.
Check the From Email Address
Click the arrow next to the sender's name in Mac Mail to reveal the real email address. Scam messages often use fake names or personal email services like Gmail to appear legitimate.
Everything Can Be Faked
Even if the sender address looks right, it could still be a scam. Each clue is only part of the puzzle—none are guarantees of legitimacy.
Examine the Links
Hover over links (or long-press on iPhone) to see the real destination. If it’s not the official site, it’s likely a scam. Be wary of links that use legitimate-looking text to disguise malicious URLs.
Research Any Phone Numbers
Search the company’s real customer service number and compare it. Or search the number itself—if it’s fake, others may have posted about it.
Two Truths And a Lie?
Scam emails often include some real info to earn your trust, then slip in something fake like a bad phone number or link.
Look For Generic Greetings
Scam messages may say “Dear customer” or use your email prefix instead of your name. Real companies usually greet you by name or not at all in generic mailings.
Look For Bad Grammar Or Odd Phrases
Watch for poor spelling, strange phrases, or inconsistent style. Scammers don’t put the effort into clean, professional language.
Odd Formatting And Graphics
Pixelated logos, mismatched fonts, bad layout, or weird colors are red flags. Compare with real emails from the same company if unsure.
Beware Of Urgency
Scammers use pressure tactics like “Act immediately!” or “Call now!” to push you into acting before thinking.
Too Good To Be True
Claims of refunds, prizes, or free money are nearly always scams. You don’t win contests you didn’t enter.
Real Business Isn't Done Like This
Real businesses don’t send forms by email asking for personal info. If you’re in the market for a service and the timing feels right, that’s what they’re counting on.
Recognize Common Ploys
- Your account has been suspended
- There’s been unauthorized access
- Your password has expired
- You've received a fake invoice
- Government fee or toll road bill
- Delivery issue for a package
- Job offer out of nowhere
- Fake virus alert from Apple or Microsoft
What To Do If You Aren't Sure
If you’re unsure, check whether the company is real and whether you’ve done business with them. If not, delete. If yes, continue investigating—but not via links or phone numbers in the email.
How To Properly Investigate Further
Go directly to the company’s site by typing the address or searching for it. Log in to your account or call a verified phone number, like the one on your card. Don’t click, call, or reply to the email.
Video Transcript
Hi, this is Gary with MacMost.com. Let me show you how you can figure out if an email is a scam.
So let's say you get an email message. It can be good news. I can be bad news. It could be just something concerning or alarming. How do you know if it is real?
Well, there are many different ways to be able to tell by just looking at the message and carefully examining different parts of it.
The first thing you should check is the FROM email address. But names can be deceiving. For instance, you may see a name in the From email address or even some sort of title organization but that doesn't mean that's where the email came from. If you look carefully in Mac Mail you'll see a little symbol next to the name. A little arrow pointing down. If you click on that it will reveal the actual email address that is behind that name. By looking at that email address you can figure out whether or not this is real. For instance an email from your bank should not be coming from a personal account, like gmail or iCloud or Yahoo, or anything like that. It should be coming from a domain that is most definitely your bank. For instance here's an email that appears to come from an online store. But does it? If you look at the name up here you'll see it has the name of the store. So, so far it checks out. But if you hover over and wait long enough, or simply click here you'll see the actual email address and you can see it certainly not coming from the store. But it can even be a little more misleading than that because the name can be anything. It can be a company name, it can be a person's name, or somebody can just put an email address as the name. So you see what looks like a legitimate email address. But when you hover or click you'll actually see the real email address behind that name is not that email address you see.
Before we go any further I want to make it perfectly clear that each one of these techniques will help you identify an email as a scam. But even if all of these checkout it doesn't mean that the email is legitimate. If you detect something like this From email address being wrong then it is almost certainly a scam. But if you don't see that problem then it just doesn't tell you anything. The name and the email address can both be faked in a message very easily, in fact. So just because you see the real email address there doesn't mean it is real. The same is going to be true for the rest of these. So many videos and articles skip over this very important point. You basically can use these techniques to determine if something is a scam so you can quickly move on with your day. But, just because everything checks out doesn't mean you shouldn't be on guard. It can still be a very well crafted scam that avoids all of these problems.
So often scam emails want you to click a link to go to a website. The website is going to be a scam website. It may look like the real thing but it is not! You can figure out if the link is good or bad before you even click on it. For instance a link here, like this one, you can simply move your pointer over it and you'll see the actual location that it will take you to.You can do this on the iPhone as well even though you don't have a pointer to hover over. You can tap and hold, don't release, but hold until the URL is revealed. Then you can review it without ever going to the site. In this same email message here you can see there's a link to view the order. If I hover over it you can see that the domain there is NOT Amazon. This link is clearly part of the scam and it is going to take you to some place where it is probably going to prompt you to enter in some personal information or maybe even login to the site, thus stealing your password.
Links can also be deceiving. For instance a link like this one can simply use the text that shows a website as the clickable text. But the link, if you hover over it or long tap it on your iPhone will show you it actually doesn't take you there at all. It is just using that domain name as the text for the link and the actual link goes somewhere else.
If you find these videos valuable consider joining the more than 2000 others that support MacMost at Patreon. You get exclusive content, course discounts, and more. You can read about it at macmost.com/patreon.
Now in addition to being wary of the From email address and any links, you also want to be very careful with any phone numbers. The point of the scam could be to get you to call the number. You can confirm the number pretty easily by searching in two different ways. One is to search for the actual customer service number from that company. If it doesn't match the one in the email you know it's fake. But, also you can search for that number and often you'll come up with posts of people complaining that this is a scam.
Now it is important to point out that the way that a lot of these scams emails work is they provide you with some true information hoping that you'll take the false information at face value. For instance the From email could look legitimate. The links could look and actually be legitimate. But the phone number could be fake. The idea is that if you see the link is good you'll trust the phone number or perhaps if you see the phone number is the real one you'll trust the link. They don't need you specifically to fall for the scam. They just need hundreds of people, out of the thousands that they have emailed, to fall for the scam.
Here's something easy to spot without actually checking anything more than what you are already seeing. Look at the greeting. Scam emails very often include a generic reading, like Dear Customer or just an email address as the name instead of your real name. Companies you actually do business with, they know your name. It's part of your account. They are going to most likely either address the email message to you by name or if it is some sort of generic message, like a newsletter or something, it wouldn't have a name in it at all. But a lot of scam emails will show strange things like this and that gives you a clue that it is probably not real.
Here's a scam email and you can see right away they address you as Dear Customer, even though if this was legitimate they certainly should know your name. Here's another one where they take the text before the @ in your email address and use that to address you. There's a lot of people talk about bad spelling and grammar in scam and spam email messages. This certainly is true. You often do see very weird things, like weird phrasing, like companies wishing you well and using formal greetings. Words that are spelled wrong or using spellings from a different region or just plain grammar mistakes. Professional companies typically don't have these kinds of mistakes in there. They want to make sure their emails look good and all of that. But scammers don't usually worry too much about this.
There are lots of reasons why. But one of them is simply is that when they send out some of these scam email messages, they send them out to a ton of people, and they get plenty of responses. They don't need to get better at this. It's like if you go fishing and the bait you're using isn't particularly good but you're catching tons of fish anyway. So why would you spend anymore time or money on better bait.
Once again I really want to get across the idea that just because one of these things isn't met, like if the grammar and spelling is perfect, it doesn't mean it's not a scam. You should not only look at all the things I'm telling you about but still take precautions that I'll talk about at the end.
Now in addition to spelling and grammar a lot of spam and scam emails have formatting and really bad graphics. Like the logo is pixelated or has like a background to it, or there's like centering or colors or stuff that you wouldn't expect from a nice professional serious email. For instance looking back at this email message again, that's not the paypal logo right there. That's some weird version of it. You can easily confirm that if you use PayPal a lot you probably have a bunch of other PayPal emails in your email archive. You can just look at them and see how a real PayPal email is supposed to look.
Another thing that scam emails often feature is urgent or threatening language. They want to create a sense of urgency to override your normal everyday caution so that you think that something is wrong and you need to act quickly. This message here uses the term, please contact customer support immediately. This one here wants you to contact the customer support team right away.
Now a whole category of scam emails are about prizes or refunds. Somebody wanting to give you money. We're often on the alert for negative messages. But good news sometimes will catch us off guard. If we see somebody wants to give us money, well where is the scam. Right! But of course these messages are all about getting information from you. Sometimes they even go further and ask you to pay money in order to get more. But, of course, the whole thing is a scam. You often see stuff like this, claiming that you've won some sort of prize. Or something like this where somebody just wants to send you something for no reason. This stuff really doesn't happen. You don't accidentally signup for a sweepstakes or get entered in some sort of prize and then get a notification like this by email. It's always a scam.
Here's one that is somewhat rare but sometimes emails will ask you for information directly. Like they'll send you an official looking PDF form and they want you to fill it out and send it back. They send these things out to millions of people hoping that just coincidentally some people may think it is real. For instance you may be looking for an apartment or buying a house and get some sort of form sent to you that looks like it's about that. But this was just sent to a million people and you just have happened to gotten it at a time when it is reasonable to expect something like that.
Finally the best way to recognize scam emails is to be familiar with the common ploys. So, for instance, it's very common to get an email saying your account has been suspended. This creates a sense of urgency. You're also a little outraged and wondering what you could have done wrong. But in fact it is just a scam. You also may find a similar one where it says there has been unauthorized account access, like your account may have been broken into. They want you to feel like this is really urgent. Like you need to logon right away. For instance, here's one trying to get you to urgently click on this link because somebody may have logged in from a completely different country. But, of course, this number here is fake. If you call it you're going to get scammed.
A lower stakes version of this is simply to tell you that your password has expired and you have to login to update it. Anytime you get anything that is an invoice or a receipt or anything like that and you don't recognize it, it's almost certainly a scam. Like, for instance, here's one showing that you ordered something that's fairly expensive. They give you a fake phone number to call. There are fake links and everything in it. Even if you don't have an account with this company you are made to think, oh somebody has stolen my credit card information and is buying something from them. Sometimes they try to make it even more urgent by looking like you haven't actually been charged for anything yet but you will be really soon. Sometimes it look like they come from government agencies, like you owe some fees or taxes. Things like that. A really common version of this is getting a bill for a toll road. This is happening a lot by text as well as email. Like here is a message you may see and you can see the message here, the email address probably isn't correct and this link here, well, this link here you can see it certainly junk.
Another common one deals with packages. We're all getting packages all the time nowadays. So it's probably pretty likely if you've got an email message saying that there is trouble delivering a package that you do have something that's kind of on the way. This will have you drop your guard and check it out, perhaps clicking on a bad link in the message.
Job offers are another one. Tons of people looking for jobs all the time. So when you get a message like this you could think it is in response to a resume or application. Of course a classic one is an email message, text message, or even just an alert at a website that tells you that a virus has been detected on your computer or device. Of course, whoever is sending these to you they have no way of knowing what is going on your device. They'll often say that they are from some reputable organization, like perhaps Microsoft or Apple or you internet provider.
Okay. Let's say you've seen a few red flags but you're still not sure. You think you want to check it out. What's the next step? Well, here's a handy flow chart. The first thing you should consider is the sender or company mentioned in there a real company. Like one you actually know of and have you actually done business with them. Like did you order something from them. Is it actually your bank, that kind of thing. If not then go right to deleting the email and moving on. There's no reason to investigate further.
However, if it is a real company, you recognize it, and you have done business with them then you have to decide do you want to investigate. It's okay to say no. Delete the email and move on. If it is really important you'll get more information later on. You'll get a letter in the mail. You'll get a phone call. You'll see, when you try to use that site or service that something is wrong. If something is truly wrong that email is not the only thing you're going to get. If you still feel you want to investigate here's how to do it.
Don't click on any link in the email message.
You don't call any phone number shown.
Certainly, Don't reply to the message.
Instead you go right to the site or service. You should have the link already in perhaps previous messages you've gotten from the company. Or you can just do a regular web search to make sure you go directly to the main home page for that company. You log into your account and then you check your messages. You see if there is any notifications or anything like that. If it is an issue with a bank or credit card you should call the number on the back of the card that you got from them. Call and talk to their customer support and see if there is a problem. So always remember to keep your guard up against scam emails. Keep up to date on the latest techniques they are using, and never think that you're too smart to be scammed. The internet is filled with stories of people that thought they couldn't get scammed, yet they did. Nobody can keep their guard up at all times. So you just have to stay as vigilant as you can. Thinking about these scams and learning about them is the best way to recognize them.
I hope you found this useful. Stay safe and thanks for watching.
Gary, thank you for taking the time to do this video. You are absolutely correct that we all need to be constantly vigilant. Everyday the news has articles about people we would never suspect both getting caught up in a problem and those that have problems (addictions, etc.) whose behaviors create havoc and stress for the community. Your advice is clear, complete and concise - the marks of good communication; as you all ways provide.
Gary, Thanks for this video. Everyone needs to be reminded of how the scams get you to react. For the last 6 years I have volunteered at our senior center's computer lab and have seen it all. Even one person letting a remote "free PC service" get into her bank account. I am a retired IT guy who also fell for what looked like a deal on Facebook Marketplace. $69.00 was worth the lesson, and reinforced the information you provided here.. That taught me that I need to be careful too.
Thanks so much for doing this video. Even tho I already knew all of this, it was good to have it all confirmed. Is this ok to share this page on Facebook? I’ll tell people that this is not just for Apple users and could apply to anyone. Good to have the Video Summary that everyone should print. Just bc I wrote I have done everything you mentioned, there have been times when I am distracted or tired when I have almost clicked on something. Worth it to be skeptical.
Sometimes the bad grammar or spelling is intentionally wrong because the target demographic would not be able to tell, so it filters out the less gullible
Janet: Yes, please do.
I have a question about the preview feature that allows you to see a few lines of an email without actually clicking on it. Since we are asked to avoid clicking on unfamiliar emails, does viewing this email preview count as having clicked on the email? I guess I don't understand how the preview is presented without having actually been clicked (by me or by my email client). I hope this question is indeed related to this topic.
Jose: It is clicking on a LINK IN AN EMAIL that you have to be careful about. Viewing and email is fine. Otherwise, email would be pretty useless.