5 email scams to watch out for right now - Which? News (2024)

Scam emails with malicious links or dodgy phone numbers continue to be one of the most prevalent methods used by criminals to con victims.

With a quarter of people receiving suspicious emails every day, it’s becoming more difficult to separate genuine emails from those designed by fraudsters.

Below, we detail five email scams to watch out for right now and how you can spot and avoid these emails.

Sign up for scam alerts

Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.

Sign up for scam alerts

5 email scams to watch out for right now - Which? News (1)

1. eBay scam email

An email impersonating eBay tells you that your purchase of an Apple iPad Pro costing around £2000 has been confirmed.

It says that the order has been shipped and includes a number to contact immediately if ‘you didn’t place this order’.

This is known as a vishing scam, where fraudsters either call you or get you to call a number while you’re on the phone they attempt to steal your personal information.

Typically, they’ll ask you to confirm some of your account details or, in some cases, scammers will tell you that your device has been compromised and get you to download remote access software. This will then enable the scammers to access to your device to 'help' you.

2. Pegasus spyware

Google Trends data shows that Google searches for a Pegasus spyware email have spiked in recent days.

The email is an example of a sextortion email, where scammers attempt to blackmail you into handing over cash, usually in Bitcoin, to stop them exposing personal images and videos of you.

The email it’s sent from appears as if it’s sent from your own email address and tells you that Pegasus is a spyware program which has been installed onto your device.

It goes on to say that the sender has access to ‘your webcam, messengers, emails and call records’ and has recorded intimate videos of yourself which they will send to your ‘friends, family and co-workers in a few clicks’.

The scammer includes a link to their Bitcoin wallet and asks for thousands of dollars to delete all the images and videos they have of you. They also claim to be able to monitor all your activity.

This email is intended to incite panic, but there’s no need to worry. Hackers don’t have access to your device so you can safely disregard this email.

3. MetaMask email scam

5 email scams to watch out for right now - Which? News (3)

Interest in an email supposedly from cryptocurrency wallet MetaMask also spiked in recent days, according to Google Trends data.

The email, titled ‘Immediate Action Required: Suspension Alert', tells you that you need to ‘update your wallet’ to comply with ‘global regulations’.

It also says that you may not be able to access your wallet if this update isn’t performed before a specific date and includes a dodgy link to ‘Update now’.

MetaMask makes it clear that it will never send unsolicited emails as it doesn't hold personal information on its users, including names and email addresses.

4. Royal Mail impersonation

Scam messages impersonating postal services are always a popular phishing method amongst fraudsters and Google searches for emails sent from ‘royalmail@royal-mail-infos.com’ have recently spiked.

These emails tell you that there’s been an ‘unsuccessful delivery attempt’ of your parcel and that you need to pay a small fee for it to be redelivered.

A phishing link in the email will then lead you to a malicious website where your details will be stolen.

5. Life insurance scam

5 email scams to watch out for right now - Which? News (4)

Action Fraud, the UK's fraud reporting centre, recently reported receiving 800 reports of scam emails pretending to be from companies selling life insurance.

These emails are sent from random email addresses and always include a phishing link.

They tell you that if you answer a few questions, you’ll receive quotes from various insurance providers. These emails are designed to steal your personal information.

Spotting and reporting scam emails

All unsolicited emails should be treated with caution and some signs that an email may not be genuine are:

  • The sender's email address not matching the company’s official email address
  • An impersonal greeting
  • URLs that aren’t the company’s official website when you hover over links - avoid clicking these links when you inspect them
  • Out of date information in the body of the email
  • Blurry or unofficial branding
  • Emails which ask for personal information or bank details
  • Poor spelling, grammar and presentation
  • Emails which try hard to be official
  • Emails which claim you need to react urgently

You can report scam emails by forwarding them to report@phishing.gov.uk.

If you've fallen victim to a scam, call your bank immediately using the number on the back of your bank card and report it to Action Fraud or call the police on 101 if you’re in Scotland.

5 email scams to watch out for right now - Which? News (2024)


What is suspicious about this email? ›

Poor grammar and spelling errors. An unfamiliar greeting or salutation. Requests for login credentials, payment information or sensitive data. Offers that are too good to be true.

What are the red flags of phishing emails? ›

Sense of urgency or threatening language. Unfamiliar or unusual senders or recipients. Spelling or grammar errors. Request for money or personal information.

How to check if the email is spam? ›

1: Check the sender's email address

Look closely at the sender's email address. Often, spammers use email addresses that seem unfamiliar, strange, or misspelled. Legitimate organizations usually have a consistent and recognizable domain name.

What is the most difficult phishing to detect? ›

Spear Phishing

Then the scammer uses this information to craft a phishing message with an offer or request information relevant to who the target is and/or what they do. As such, this type of phishing is more difficult to detect.

What does a spoofed email look like? ›

Look for disconnects between email addresses, display names, etc.: An email address that doesn't match the sender's display name is a telling sign of a spoofed email, especially if the domain of the email address looks suspicious.

How to report a scammer? ›

Contact the FBI at (202) 324-3000, or online at www.fbi.gov or tips.fbi.gov. Contact the Department of Health and Human Services, Office of the Inspector General at 1-800-HHS-TIPS, or online at www.oig.hhs.gov . Contact the Internet Crime Complaint Center (IC3) online at www.ic3.gov.

What happens if you open an unsafe email? ›

No, you cannot get hacked just by opening an email. The only way you can get hacked through an email is by interacting with the contents of the email, such as clicking on a malicious link or attachment. Continue reading to learn more about malicious emails and how to avoid getting hacked through them.

Top Articles
Latest Posts
Article information

Author: Wyatt Volkman LLD

Last Updated:

Views: 5761

Rating: 4.6 / 5 (66 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Wyatt Volkman LLD

Birthday: 1992-02-16

Address: Suite 851 78549 Lubowitz Well, Wardside, TX 98080-8615

Phone: +67618977178100

Job: Manufacturing Director

Hobby: Running, Mountaineering, Inline skating, Writing, Baton twirling, Computer programming, Stone skipping

Introduction: My name is Wyatt Volkman LLD, I am a handsome, rich, comfortable, lively, zealous, graceful, gifted person who loves writing and wants to share my knowledge and understanding with you.