5 ways the hackers and scammers try to trick you


Over the past few weeks, I have had several clients get tricked by scammers.  This resulted in malware or even some nasty viruses being installed on their computers.  It’s often hard to track back to exactly what happened that caused the problem, but in some cases it can be obvious.  Today I’m going to show you a few of the ways scammers – specifically, SPAMMERS – can trick you into allowing bad stuff to get into your computer.

Computer hacker


Even with all of the publicity and the supposedly “common knowledge” that you should not click on links or open attachments in email unless you know for certain what you’re clicking on, email still tends to be a very popular way for viruses and malware to spread.  That’s because the scammers are getting more and more clever about how they try to trick you.

Since I use Gmail, I don’t usually see these things in my email inbox.  That’s because Gmail has a pretty good spam filter.  That’s one reason I’ve been using and recommending Gmail for many years.  But as part of my research, I went into my Spam folder and found a few of the currently popular types of spam/scam email that are still effective at infecting computers.  Here they are.

1. The “You’ve Won the Lottery” scam
This is one that you would think would be so obvious that people wouldn’t fall for it any more.  But never underestimate the power of telling people something they REALLY want to believe.  It’s the same concept as the scammers selling diet pills (“Just take this pill – you’ll lost weight and look great in a swimsuit this summer!”).  Even people that never play the lottery, and they know actual lottery winners don’t get notified by email, want to believe that there’s a chance that it might be true.  They can’t stand the thought that maybe this time it really happened, and they would really be kicking themselves if they just deleted the email without verifying that it’s true.  It’s not true.

lottery scam


2. The “Your New ATM card” scam
You remember you ordered a new ATM card from your bank, right?  Well, you must have, since the “bank” is now emailing you to tell you that it’s ready for you.  Kind of funny, because I don’t remember that my bank sends out an email with the subject line in all caps.  In fact, when my ATM card is ready, they don’t email me at all – they just send me the card in the mail.  But for a certain small percentage of people, the need to click the attached file and see what it is.  By then it’s too late – they’re infected.

ATM card spam


3. The “We Can’t Deliver Your Package” scam
When I saw this one, I knew they were starting to get more clever.  There are some variations with this.  The email could be coming “from” Walmart, Costco, UPS, Fedex – any company that could have some kind of package that they are trying to get to you.  That in itself is a pretty smart trick, because a pretty good percentage of the population actually IS waiting on a package to be delivered from somewhere.  So this email shows up, and – oh no, they can’t get the package to you because of a messed up address! All you have to do is complete the attached form and send it to them with the proper address.  But guess what happens when you click to open that attachment.  Virus alert!

spammer hacker


4. The “We’re Trying to Protect You” scam
This one takes a little bit of a different angle.  It supposedly comes from Gmail (or your choice of internet providers, but Gmail is probably the most popular choice because so many people use it).  They are alerting you that they have noticed some “illegal activity” happening on your Gmail account, and that your account is currently being monitored.  So the first question I ask is, if my account was not being monitored earlier, how did they notice the “illegal activity”?  Regardless, they are requesting that you “re-verify” your account by clicking on the link and filling out the form.  The form you are to submit usually includes information such as your Gmail password, your Social Security Number, your data of birth, your mother’s maiden name – basically all the information that some scammer needs to be able to steal your identity.

Gmail spam scam


5. The “Your Legal Documents” scam
I have to admire the creativity behind this one.  I mean, just about anyone would pay attention if they get a letter from a lawyer, a judge, or a court secretary, right?  And this one is titled a “Pretrial Notice” – sounds scary!  The scammer uses a little bit of customization by inserting a date that is recent, making it seem a little more genuine.  The “Court” is just requesting that you review the complaint and confirm it, by simply clicking on the link in the message.  But as soon as you click that link, it’s Game Over.

court email spam scam


And a bonus – the “So Sorry For Your Loss” scam
I couldn’t write a blog post like this and not include this particular one.  This comes from a local funeral home (one that you’ve never heard of obviously, unless you live in Canton, Texas).  They have a nicely formatted message, and they’re offering their condolences on the loss of your loved one.  They are advising you about the date and time of the memorial service for your friend.  In reading this, a lot of people are wondering, “Who died?” and in many cases, their curiosity is just too overwhelming to ignore the red flags.  The link in the message offers more details, so it will often get clicked.  Result: virus.

I got this spam scam email not too long ago, and within a few days I got a phone call from a client whose computer had suddenly been taken over by all kinds of bad stuff.  When I looked at her computer, I saw this email and asked her about it.  She was still confused about it because the message didn’t give any details, and when she clicked the link that didn’t offer any new information as well.  But shortly after that was when she started getting so many pop-ups that her computer was rendered virtually useless.  The important thing to notice here: she didn’t connect the two events (the email, and the virus infection) until I told her that was what caused the problem.  THAT’S how clever these scammers are.

funeral scam


My standard policy about email attachments is this: I don’t open them.  That is, unless I am already expecting it and the sender has told me (APART from that email) what the attachment is.  Same thing with clickable links in an email – don’t click on it unless you know for certain what it is you are clicking on.  And if the only info you have is the email message (from someone you know) that says, “Hey, check out this link – it’s pretty cool!”, you definitely do NOT know for certain what that link is.

In short, be suspicious of everything.  People often tell me, “I don’t open any email attachment unless it’s from someone I know”.  That is a bad policy!  Your best friend in the world could get a virus, and his computer could be sending out that virus to everyone in his address book, because of the high trust factor.  So don’t base the legitimacy of an email on who the sender is.

What email scams have you received?  What was your clue that it was a scammer or a hacker trying to trick you?  Tell us about it in the comments!

listen to my podcast in iTunes

Share this post

10 comments Add your comment »

Get updates when new comments are added. Subscribe to the comments RSS Feed

February 10th, 2014

WOW, I have recently received @ least 3 that was mentioned in your newsletter !!! The Eubank funeral home just a few days ago and the one that got my attention about HAVING to appear in court on a certain date !!!! I have received several of those and it went through my mind boy these heartless scammers are getting more clever all the time. ALL OF THESE goes straight to trash and delete-I feel sorry/afraid for the ppl who don’t think before hitting an attachment or link, especially the court emails can be scary and I can see were ppl might open those, of course, that’s why scammers use them, I guess. Anyway, I really like receiving your very informative newsletters, thx so much-you are helping sooo many of us .

Maurice Gilbert
February 10th, 2014

Scott, the Eubank Funeral Home spam/scam has even posted a “disclaimer” on their site…asking folks to please NOT call them – they already know about it! (I went to their legitimate site and not by the spammer/scammer link ;-)) Thanks for all the good info!

Scott Johnson
February 10th, 2014

Yes, I read the Eubank Funeral Home warning on my podcast. They must be worn out from all the people calling them about it.

Scott Johnson
February 10th, 2014

Thanks Louise!

Peter McDonell
February 10th, 2014

Regardless of the format of the incoming email its intent is to get you to click on some contained link. Seems to me that hovering over the link, to allow the destination to be shown in the status bar at the foot of the viewer, should be emphasised. In my experience nothing makes the scam email more obvious than a contained URL directed to an address devoid of any link to the subject matter. I know some URLs are built to give some semblance of legitimacy but the key is the base domain, probably from some country far removed from your own.

Scott Johnson
February 10th, 2014

Peter – seeing the URL while hovering over a link could be a clue, but it should not be the deciding factor. Knowing what the URL is does not mean that you know what the content at that URL is. URLs can also be written in tricky ways to make them appear different from what they really are. Very few people can look at a URL and determine that it’s safe to click through to it, so I would hesitate to emphasize that as a security verifier.

Vera Foote
February 10th, 2014

I have received the #4 one from YahooMail; and the Eubanks Funeral email has shown up 3-4 times in the past months in my YahooMail. Thanks so much for keeping us on our toes…

February 13th, 2014

Thanks Scott for your Monday e-mails I read all of them!!
I have received all of these trick e-mails and saw right though them, did not open any!!!! Michael

February 14th, 2014

I just checked my old email address and had quite a collection of the scam emails you’ve listed here – one from Eubank funeral home, two from the bank (important notice to verify account details & the other for credit card activation), plus one from Energy Billing System claiming that I owe $524. The scammers are getting pretty creative, and some of their emails can be really convincing if you don’t know what to watch for!

Thanks for posting this!

February 26th, 2014

Incorrect or awkward English is often a tip-off too. 4 of the 6 examples in your article had some of this. Thanks for the warning!