What should you do when you get a scam email or end up on a scam website? Also known as phishing attempts, fraudulent emails are used to trick people into sharing personal information like social security numbers, bank account details and passwords. This article will tell you how to identify scam emails, what to do if you spot one, where to report scams, and steps you can take to protect yourself if you think you have been scammed.
What do scam emails look like?
Criminals often attempt to mimic official emails from large, reputable companies like eBay, Amazon, Citibank, and PayPal. Some scam emails play on your emotions or make offers that are too good to be true. Here are some common characteristics of scam emails that you should watch out for in your inbox:
- The email isn’t addressed to you, or the name space is left blank,
- There are spelling or grammar errors,
- The sending email address is non-sensical or doesn’t match the company name,
- The branding, images or colors do not match the official website,
- You receive a request from a company you do not do business with,
- The email asks for a small payment in exchange for a much larger one,
- The email claims to be from a friend who is stuck overseas and needs money sent,
- You receive a delivery notice when you are not expecting mail,
- You are notified of a lottery or competition win when you have not entered.
What to do if you find a scam email
If you think you have received a scam email, do not open it. If you have opened the email, do not click on any links or attachments.
Have you spotted a fraudulent email that is pretending to be from a reputable company? If you have received an email and you think it is a scam, you should contact the company represented immediately.
For example, if you receive an email purportedly from eBay, you should forward it to eBay’s scam reporting email address. Do not add or change anything to the original email, including the subject line.
Once you have forwarded the email, delete it. Here is the contact email for some of the most commonly targeted companies. If you are in doubt, go directly to the company website and search for scam, phishing, spoof or fraud reporting pages.
- Best Buy
- abuse@bestbuy.com
- Citibank
- spoof@citicorp.com
- EarthLink
- fraud@abuse.earthlink.net
- eBay
- spoof@ebay.com
- PayPal
- spoof@paypal.com
- Bank of America
- abuse@bankofamerica.com
- Wells Fargo
- reportphish@wellsfargo.com
- Amazon
- stop-spoofing@amazon.com
You can forward the scam email to the Federal Trade Commission reporting address, spam@uce.gov, and to the Internet Crime Complaint Center (IC3). Previously known as the Internet Fraud Complaint Center, IC3 provides a way for the public to report internet crimes of any type to the FBI. If you have received emails purporting to be from the IRS, you can forward them to phishing@irs.gov or call 1-800-366-4484.
Reporting a scam email using advanced steps
If you have experience with code, email, and internet issues, you may like to do some sleuthing to establish which servers the emails are being sent from. Server companies do not want to host scammers and are likely to investigate reports. Remember that system administrators do not have anything to do with the scammers, so be polite and clearly explain your concerns. Attach evidence when possible.
View source
- Look at the html source of the email message or the web form.
- In the html code, look for the <form> tag and see where the form results are being sent. The form will probably look something like this:<form action=”/cgi-bin/FormMail.cgii”
- You will also want to look for a hidden field below the <form> tag that will look something like this:<input type=hidden name=”email” value=”someone@blahblah.com”>This is the email address that will receive the results of the form. You’ll want to track down those responsible for the servers that the form and email reside on.
The above example is a typical Perl-based form to mail script. Scammers may also use combinations of php, asp, or other code. If you’re not familiar with any of this, just make sure the email is forwarded to the company, so they can work to shut down the offending site.
Track down servers
When you have uncovered information about where the emails are coming from (or where the data is being sent), you can use the domain name or IP address to identify the servers. Using these lookup tools will usually produce contact details that you can use to alert system administrators.
UltraTools WHOIS IP Lookup Tool
What to do if you think you’ve been scammed
If you think you have been scammed, it’s important to act quickly to protect your finances, credit rating and identity. You can report the incident to a number of companies such as your bank and credit bureaus. Here is a list of steps you should take immediately:
- Contact your financial institutions and let them know your accounts may be compromised. They may be able to stop, cancel or reverse fraudulent transactions. Be prepared to close your existing accounts and open new ones.
- Change your passwords. If you entered login details on a fraudulent company page, start with that account through its genuine website or call customer support on the phone. Then, change your banking logins, email account, and social media passwords. This is particularly important if you use the same password for multiple accounts, or have your password reset information sent to a single account.
- Alert the three major credit bureaus that you’ve been scammed (Equifax, Experian, TransUnion). They will add a fraud alert to your file that should prevent any new credit being extended in your name. The credit company should be prompted to call you to check if the attempt is genuine or not.
- In addition to filing an alert, you can opt to freeze your credit reports for a period of time. This will require a PIN to be provided to authorize any loans. Any attempt by scammers to access a loan in your name should be prevented as they will not have this PIN even if they have your other identity information.
- Check that your anti-virus protection on your computer is active and up-to-date. Install a reputable anti-virus program if you don’t have one. Prompt your software to run a complete scan of the computer.
Once you have secured your finances, online accounts, credit rating, and computer, it is important to notify the authorities, including the police.
Why it is important to report a scam
Reporting scams helps the authorities to get a better understanding of how scams are being done so they can be stopped.
Notifying government agencies can work to protect other citizens from a similar fate, as public awareness campaigns help to alert others to the scam. Importantly, if you have lost money or had your identity compromised you are likely a victim of crime and you have every right to report it to the police.
Many agencies collaborate to stop internet scammers – the more information they have, the better. You can report the scam to the below agencies:
- The Internet Crime Complaint Center (IC3) will refer your complaint to the relevant law enforcement agency. (Note this service does not notify credit bureaus or providers)
- The Federal Trade Commission (FTC) also networks with relevant authorities and will advise on the next steps to take. You may also make a report over the phone by calling the FTC Consumer Response Center on 1-877-FTC-HELP (1-877-382-4357).
- Ecommerce.gov specializes in scams and fraud that relates to foreign companies and transactions.
- The Department of Justice (DOJ) can help you to determine any additional agencies should be notified of the scam and its impact on you.
- The Anti-Phishing Working Group the APWG help to unify the global response to cybercrime.
- The United States Computer Emergency Readiness Team (US CERT) is a flagship cyber-defense and and incident response center.
To help you protect your identity, you can refer to these government services for advice and action steps to take after being scammed.
- Identitytheft.gov will help you formulate a personal recovery plan.
- Use the government’s Identity Theft Guidelines to further protect your identity, including your credit rating.
- In addition, let your friends and family know about the scam. You may help them to avoid it for themselves and alert them to strange emails being sent from your accounts. If you are in business, contact your industry association so others can be made aware of the threat.
What evidence you should collect if you’ve been scammed
It often takes many reports to build a strong case against scammers. A suggested list of helpful evidence to keep is provided below.
Depending on the extent and scale of the scam, you may have various pieces of evidence to provide to the authorities. Collect everything that is connected to the scam and keep it in a safe place. You may be required to provide this evidence when asked. If you’re unsure about an item, you should keep it, even if it is not on this list.
- Digital copies of mails (do not edit subject lines or headers, and include all information if they must be printed),
- Credit card receipts and bank statements,
- Screenshots of transactions, suspicious activity or other relevant information,
- Cancelled checks,
- Certified or other mail receipts,
- Money order receipts,
- Wire receipts (such as Western Union),
- Virtual currency/cryptocurrency ledgers,
- Pre-paid card receipts including digital gift cards,
- Envelopes (if you received items via FedEx, UPS, or U.S. Mail),
- Pamphlets or brochures,
- Phone bills,
- Printed or preferably electronic copies of emails (if printed, include full email header information),
- Physical gifts,
- Printed or preferably electronic copies of web pages,
- Hard drive images,
- PCAP files containing malicious network traffic,
- Network, host system, and/or security appliance logs,
- Copies or details of malware used,
- Chat transcripts and/or telephone logs.
Being scammed can be very upsetting but knowing what to do can help you regain control of the situation. Act quickly to protect yourself and then contact the authorities.
How to report scam emails in Canada
You can submit information to the Spam Reporting Centre here, and it will be forwarded to the appropriate government agencies. Contact your financial institutions immediately if you are concerned about the security of your accounts. Contact Equifax (call 1-800-465-7166) or TransUnion to protect your credit rating and implement a fraud alert. You can access advice and information if you have been scammed through the Canadian Anti-Fraud Centre.
How to report scam emails in the UK
ActionFraud, the National Fraud & Cyber Crime Reporting Centre has a form to complete if you need to report an email scam, phishing or fraud attempt, along with detailed information about how to protect your identity. If you have been scammed and lost money, you can report the loss as a crime. Contact a credit reference agency (CRA) to apply for a fraud alert to protect your credit rating. The CRAs are Experian, Equifax, and TransUnion (previously Callcredit).
What to do if you find scam emails in Australia
If you want to report a scam in Australia, use the ACCC Scamwatch website form. Depending on the type of scam, you may be able to report to specific authorities, using the list here. You should contact banks and financial institutions directly. Contact the major credit agencies to place a credit alert on your file. The Australian credit reporting bodies are Equifax (call 13 8332), illion (previously Dun & Bradstreet) (call 1300 734 806), and Experian.
If you are a victim of identity theft, reach out to iD Care to access government-backed support and advice, and apply for a Victims of Commonwealth Identity Crime certificate.