You just got an email from your bank. Is it real? Here are some ways to identify scam emails.
An email that appears to have come from your bank has just arrived in your Inbox. With so many scams going around these days, you are right to be skeptical. Is this email legitimate? Or is it a scam?
Here are some ways to tell. This list is not exhaustive and it won’t identify every scam email, but it will help catch many of them.
Are you expecting this email?
Do you usually get an email from your bank at this time of the month? Are you expecting an email about a regular monthly statement? Have you requested some information from your bank contact or advisor? If you are expecting this email from your bank it may be legitimate but this alone should not be enough to convince you to do anything the email requests. If you are not expecting this email, be very suspicious.
Check the sending email address
The name of the sender may appear to be the bank’s name but the sender name and the email address can be very different. One of the common techniques the scammers use is to fake the sender name to make it look legitimate. Always check the actual email address the email came from. If it looks suspicious, like it is an address with a string of letters and numbers, foreign characters, or the address domain (the part after the “@” symbol) is not your bank, this is almost certainly a scam and you should delete the email.
How can you check the true sending email address? It depends on the software you are using and the device. Here are the instructions and examples from the most common platforms and devices.
Outlook on Windows/Mac
In Outlook on Windows or a Mac, look at the sender information at the top of the email. Here’s an example from a recent scam email I received.
See how the actual email address is not at all who the sender name appears to be.
Outlook on iPhone or iPad
On an iPhone or iPad in Outlook, tap on the sender name when viewing the email to expand the display and see the full email address. Here’s what a recent scam email looks like on my iPhone in Outlook.
See how the actual email address is not at all who the sender name appears to be.
Apple Mail on iPhone or iPad
In the default Apple Mail app on an iPhone or iPad, tap on the sender name at the top of the email and it will open a contact card view that shows you the full email address. Here’s what this looks like on my iPhone for a recent scam email I received.
See how the actual email address is not at all who the sender name appears to be.
Gmail in a browser
Using Gmail in a browser, move your cursor over the sender name in the list of emails. It previews the email address as shown in this screen capture from a scam email sent to my Gmail address.
See how the actual email address is not at all who the sender name appears to be.
Gmail on Android phone or tablet
On an Android device using the default Gmail app, tap on the down arrow in the section that shows the sender and receiver names. It will expand to show the full sender email address as shown in this screen capture from a scam email sent to my Gmail address.
See how the actual email address is not at all who the sender name appears to be.
Is it using emotional techniques to get you to take action?
By far the most common techniques scammers use is to play with your emotions to get you to take action. They are relying on you acting based on your emotions. Before you take any action, stop, take a deep breath or three, and ask yourself the following questions.
Are they trying to make me afraid?
Have they claimed that if you don’t take action you will lose access to your account, you will lose substantial amounts of money, you will go to jail, you will owe a large amount, or there will be harm to yourself or your family? These claims are intended to make you fearful. They are trying to prompt you to act out of fear. These claims are not true. Do not become afraid and act based on that fear.
Are they demanding immediate action?
Have they claimed that you must take the action they have requested immediately, or within a short period of time? Is the language forceful and demanding instead of polite? Again they are trying to make you fearful of missing a deadline. There is no deadline and do not get caught in their attempt to make you take action.
Are they demanding secrecy?
Have they claimed that if you tell anyone there will be serious negative consequences? This is a lie. They are trying to stop you from seeking opinions from others who can look at the situation more objectively. They want you to only believe the false claims they are making.
Don’t click on links in the email, do this instead
Never click on a link in the email. The links in these emails will take you to web pages that impersonate the bank website but are there to steal your information. I have seen how they hack into websites of small businesses and churches to do this.
There is never only one way to contact your bank. If you access your bank online, use the regular app or website you normally use. Check if there is a notification or message there for you (it is unlikely there will be).
Call your bank and speak to a customer service representative. Get the phone number from your regular statement or the back of your bank card, not from the email, to make sure you are actually calling the bank. Customer service reps have been trained in these scams and have heard about more scams than any of us know about. They get updated from the bank’s security team on a regular basis about the current scams.
Go to your branch and speak to a representative there. They will be able to tell you if there is a legitimate reason for them to be contacting you.
Reduce the risk of getting scammed
We can’t prevent the scammers from trying to scam us, but we can continue to be vigilant and reduce the risk that we will fall for one of their scams. Follow the steps above when you receive an email that appears to come from your bank and you can prevent many attempts to scam you.