SCARS Institute’s Encyclopedia of Scams™ Published Continuously for 25 Years
Spam and Phishing
Identity Theft, Fraud, And Cybercrime Alert
A SCARS Insight
Spam and Phishing
Cybercriminals have become quite savvy in their attempts to lure people in and get you to click on a link or open an attachment.
More than half of all cyber-attacks are initiated by emails. Understanding how these attacks are triggered and how to protect yourself from them is vital in staying safe online.
Malicious Email
A malicious email can look just like it comes from a financial institution, an e-commerce site, a government agency or any other service or business.
It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or there is another urgent matter to address.
- If you are unsure whether an email request is legitimate, try to verify it with these steps:
- Contact the company directly – using the information provided on an account statement, on the company’s official website or on the back of a credit card.
Search for the company online – but not with information provided in the email.
Spam Emails
Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here are ways to reduce spam:
- Enable filters on your email programs: Most internet service providers (ISPs) and email providers offer spam filters; however, depending on the level you set, you may end up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.
- Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
- Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information.
Phishing Emails
Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.
Spear Phishing
Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cybercriminal may launch a spear-phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already a customer of the business, the email may more easily make it through filters, and the recipient may be more likely to open the email.
The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.
Spam & Phishing on Social Networks
Spam, phishing and other scams aren’t limited to just email. They’re also prevalent on social networking sites. The same rules apply on social networks: When in doubt, throw it out. This rule applies to links in online ads, status updates, tweets and other posts. Here are ways to report spam and phishing on major social networks:
- Reporting spam and phishing on Facebook
- Reporting spam on Twitter
- Reporting spam and phishing on YouTube
Tips for Avoiding Being a Victim:
- Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following or clicking on links sent in email.
- Before sending or entering sensitive information online, check the security of the website. This means look for HTTPS – as opposed to just HTTP. The HTTPS means that your connection to that website is secured and encrypted.
- Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net). .COM and .ORG are normal domains for real entities. Others may be too, but be more cautious.
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using the information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing – plus report all scam email addresses on www.Anyscam.com to help alert the world!
- Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones, and tablets – up to date to reduce the risk of infection from malware.
Protect Yourself With These Tips:
- When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or – if appropriate – mark it as junk.
- Think before you act: Be wary of communications that implores you to act immediately, offers of something that sounds too good to be true or asks for personal information. Real entities will not ask for personal information in an email.
- Make your passphrase a sentence: A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces! Even better use a nonsense sentence that you can remember, such as “DinosaursSmokeRassberries” along with numbers and symbols “AstronautesPaintMoonRocks@2024”
- Unique account, unique passphrase: Having separate passphrases for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passphrases.
- Lockdown your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passphrases are not enough to protect key accounts like email, banking and social media. The easiest way to do this is by adding Two-Factor Authentication to your accounts and using the Microsoft Authenticator App on your phones – this way, when someone tries to login into an account you are notified and they can only gain access with a code from your phone.
Additional Resources
-/ 30 /-
What do you think about this?
Please share your thoughts in a comment below!
Article Rating
Table of Contents
Rapid Report Scammers
In the U.S. & Canada
U.S. & Canada Suicide Lifeline 988
RATE THIS ARTICLE?
LEAVE A COMMENT?
Recent Comments
On Other Articles
- Taci Fernuik on How You Think & Talk About Your Scam Affects Your Recovery: “I have hung on to the scams for far too long. With the intervention of an all-merciful God, I have…” Nov 6, 22:13
- on Disengaging From A Fake Scam Relationship: “Taci, you may want to join our new support community at www.SCARScommunity.org” Nov 6, 03:01
- on Disengaging From A Fake Scam Relationship: “This particular article helped me discover the many things I did wrong the first time I was scammed. I should…” Nov 5, 22:49
- on About the SCARS RomanceScamsNOW.com Website – 24 Years Published: “It was unavailable for a few days, but it is available again. If he would be interested, he is welcome…” Nov 5, 00:59
- on About the SCARS RomanceScamsNOW.com Website – 24 Years Published: “My husband has been scammed and your classes have been helping him but now he can’t seem to access them.…” Oct 26, 14:57
- on Talia Shepard – Impersonation Victim – Stolen Photos – 2024: “Hi, I’m Patrick from Belgium and I found this site by chance, so I just got to know it, and…” Oct 17, 23:46
- on Talia Shepard – Impersonation Victim – Stolen Photos – 2024: “Hallo ik ben Patrick uit Belgie en het is in verband over PayPal. Ik heb het dit jaar spijtig genoeg…” Oct 17, 23:08
- on Debt Relief Scams – Catalog of Scams – 2024 UPDATED 2025: “Before you make any decision, stop, think, and ask someone you trust for advice. No matter how difficult your situation…” Oct 9, 07:06
- on Shemar Moore – Stolen Photos – Impersonation Victim – 2024: “KM, sadly, this was available 5 years ago. The is a 25 year old website. Of course, new content is…” Oct 6, 13:27
- on Shemar Moore – Stolen Photos – Impersonation Victim – 2024: “Me too, since 2020. I’ve dealt with a lot of them till now. They’ve completely manipulated me and put me…” Oct 6, 00:48
ARTICLE META
Important Information for New Scam Victims
- Please visit www.ScamVictimsSupport.org – a SCARS Website for New Scam Victims & Sextortion Victims
- Enroll in FREE SCARS Scam Survivor’s School now at www.SCARSeducation.org
- Please visit www.ScamPsychology.org – to more fully understand the psychological concepts involved in scams and scam victim recovery
If you are looking for local trauma counselors please visit counseling.AgainstScams.org or join SCARS for our counseling/therapy benefit: membership.AgainstScams.org
If you need to speak with someone now, you can dial 988 or find phone numbers for crisis hotlines all around the world here: www.opencounseling.com/suicide-hotlines
A Note About Labeling!
We often use the term ‘scam victim’ in our articles, but this is a convenience to help those searching for information in search engines like Google. It is just a convenience and has no deeper meaning. If you have come through such an experience, YOU are a Survivor! It was not your fault. You are not alone! Axios!
A Question of Trust
At the SCARS Institute, we invite you to do your own research on the topics we speak about and publish, Our team investigates the subject being discussed, especially when it comes to understanding the scam victims-survivors experience. You can do Google searches but in many cases, you will have to wade through scientific papers and studies. However, remember that biases and perspectives matter and influence the outcome. Regardless, we encourage you to explore these topics as thoroughly as you can for your own awareness.
Statement About Victim Blaming
Some of our articles discuss various aspects of victims. This is both about better understanding victims (the science of victimology) and their behaviors and psychology. This helps us to educate victims/survivors about why these crimes happened and to not blame themselves, better develop recovery programs, and to help victims avoid scams in the future. At times this may sound like blaming the victim, but it does not blame scam victims, we are simply explaining the hows and whys of the experience victims have.
These articles, about the Psychology of Scams or Victim Psychology – meaning that all humans have psychological or cognitive characteristics in common that can either be exploited or work against us – help us all to understand the unique challenges victims face before, during, and after scams, fraud, or cybercrimes. These sometimes talk about some of the vulnerabilities the scammers exploit. Victims rarely have control of them or are even aware of them, until something like a scam happens and then they can learn how their mind works and how to overcome these mechanisms.
Articles like these help victims and others understand these processes and how to help prevent them from being exploited again or to help them recover more easily by understanding their post-scam behaviors. Learn more about the Psychology of Scams at www.ScamPsychology.org
Psychology Disclaimer:
All articles about psychology and the human brain on this website are for information & education only
The information provided in this article is intended for educational and self-help purposes only and should not be construed as a substitute for professional therapy or counseling.
While any self-help techniques outlined herein may be beneficial for scam victims seeking to recover from their experience and move towards recovery, it is important to consult with a qualified mental health professional before initiating any course of action. Each individual’s experience and needs are unique, and what works for one person may not be suitable for another.
Additionally, any approach may not be appropriate for individuals with certain pre-existing mental health conditions or trauma histories. It is advisable to seek guidance from a licensed therapist or counselor who can provide personalized support, guidance, and treatment tailored to your specific needs.
If you are experiencing significant distress or emotional difficulties related to a scam or other traumatic event, please consult your doctor or mental health provider for appropriate care and support.
Also read our SCARS Institute Statement about Professional Care for Scam Victims – click here to go to our ScamsNOW.com website.
Thank you for your comment. You may receive an email to follow up. We never share your data with marketers.