As the holidays ramp up, so do the scammers. In this post I talk about the most common email scam I see during the holiday season: phishing (a play on "fishing", because the attacker casts bait and waits for someone to bite). You'll learn how to identify a typical phishing email and the steps you can take to avoid becoming a victim.

Identifying a phishing email scam

Many phishing emails arrive looking like a legitimate message. Take, for example, this ordinary-looking receipt from the iTunes Store.

Screenshot of phishing email disguised to look like it comes from Apple.
This is a real, legitimate email from Apple that I have modified to look like a scam email.

This receipt from the iTunes Store is dressed up to look like it came from Apple, and if you judged only by the content of the email, you probably couldn't tell that it isn't from Apple.

At first glance, we see:

  1. Your Apple ID email address under the Apple ID section.
  2. Your payment method, name, and address under the Billed To section.
  3. An Order ID under the Order ID section.

In a typical phishing email these details will often be your real information: your real email address, your real name and your real postal address. Seeing correct details is not proof that the email is genuine.

Now how do you figure out that this email is actually fake? The following two simple tips will turn you into a phishing email scam detective.

Tip #1: Check where the links go

Let's take a closer look at this email from "Apple." There are four links in the email.

  1. A link to your email address that will open an email to yourself if clicked.
  2. A link on the Order ID that would presumably open the order details.
  3. A link to write a review.
  4. A link to report a problem.

Scammers love to get you clicking links to websites they have set up to look like a company's legitimate site. The most common way they do this is by linking the text in the email to a site they control, on a domain name that is not the company's.

In our "Apple" email, hovering over a link makes the browser show a preview of where the link will actually send me. The preview shows scamwebsite.com, not apple.com as we would expect from a legitimate email. Read the whole hostname, not just the part that looks familiar: a link to apple.com.scamwebsite.com still goes to scamwebsite.com. On a phone, where you can't hover, press and hold the link (don't tap it) to see its address before deciding whether to open it.

Second screenshot of phishing email disguised to look like it comes from Apple.
This is a real, legitimate email from Apple that I have modified to look like a scam email.

Tip #2: Check to see who the sender is

Let's take another close look at our now-infamous "Apple" email.

In Gmail's web interface, the address the email was sent from is listed right next to the name of the account that sent it.

Apple <applecompanysupport-123lkjghjsaw34@hotmail.com>

Screenshot of Gmail for web showing the email address email comes from.

Fortunately for us, Gmail does this to make it easy to verify the sender. In other email apps the From address may not be visible without an extra tap.

For example, in Gmail on the iPhone you need to tap the small "▼" icon next to the sender's name to expose more information about the sender. To illustrate this, let's look at another email from "Apple" that I have on my iPhone.

Screenshot of Gmail for iOS showing how to get to the additional information in the email header.
Notice how the "from address" is not visible in this screenshot of the email.

When we expand the message details section in the Gmail app on iPhone, we can see the From address we are looking for, and the address is indeed not on an apple.com domain.

Screenshot of Gmail for iOS showing additional information.

Other email apps on your phone offer a similar way to expose details about the sender. Look for an icon that expands something, or text such as "see more details" or "more information" near the top of the email. Often tapping the sender's name will also reveal the address.
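Both checks can be automated. The following Python script is an added example, not code from the original post, and uses only the standard library. It parses a constructed message modelled on the "Apple" receipt (only the From address is taken from the post; the recipient, Order ID, body text and link targets are made up, including a lookalike apple.com.scamwebsite.com link that the post does not show) and reports every link whose hostname is not apple.com or a subdomain of it, plus whether the From address is on apple.com.

```python
"""Automating the two checks from this post: where the links go, and who the
sender is. Standard library only."""
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message. The From address is the one shown in the post;
# the recipient, body text, Order ID and link targets are made up for this
# example. The third link uses a lookalike hostname (an assumption, not
# something the post shows) to exercise the subdomain check below.
SAMPLE_EMAIL = """\
From: Apple <applecompanysupport-123lkjghjsaw34@hotmail.com>
To: victim@example.com
Subject: Your receipt from Apple.
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Apple ID: <a href="mailto:victim@example.com">victim@example.com</a></p>
<p>Order ID: <a href="http://scamwebsite.com/order/MLX2G1">MLX2G1</a></p>
<p><a href="https://apple.com.scamwebsite.com/review">Write a review</a></p>
<p><a href="https://www.apple.com/">Report a problem</a></p>
</body></html>
"""


def domain_matches(host: str, expected: str) -> bool:
    """True if host is the expected domain or a subdomain of it.

    The suffix must start at a dot, so 'www.apple.com' matches 'apple.com'
    but 'apple.com.scamwebsite.com' and 'notapple.com' do not.
    """
    host = host.lower().rstrip(".")
    expected = expected.lower()
    return host == expected or host.endswith("." + expected)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_sender(msg, expected_domain):
    """Tip #2: compare the real From address, not the display name."""
    display_name, address = parseaddr(msg["From"] or "")
    sender_domain = address.rpartition("@")[2]
    return {"display_name": display_name, "address": address,
            "ok": domain_matches(sender_domain, expected_domain)}


def check_links(msg, expected_domain):
    """Tip #1: check the hostname each link really points at."""
    findings = []
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return findings
    extractor = LinkExtractor()
    extractor.feed(body.get_content())
    for href, text in extractor.links:
        url = urlparse(href)
        if url.scheme == "mailto":  # the "email yourself" link: no website
            continue
        host = url.hostname or ""
        findings.append({"text": text, "href": href, "host": host,
                         "ok": domain_matches(host, expected_domain)})
    return findings


def analyse(raw_message: str, expected_domain: str) -> dict:
    """Run both checks; 'suspicious' is True if either one fails."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    sender = check_sender(msg, expected_domain)
    links = check_links(msg, expected_domain)
    suspicious = not sender["ok"] or any(not link["ok"] for link in links)
    return {"sender": sender, "links": links, "suspicious": suspicious}


if __name__ == "__main__":
    report = analyse(SAMPLE_EMAIL, "apple.com")
    s = report["sender"]
    print(f'From: "{s["display_name"]}" <{s["address"]}> ok={s["ok"]}')
    for link in report["links"]:
        print(f'Link "{link["text"]}" -> {link["host"]} ok={link["ok"]}')
    print("SUSPICIOUS" if report["suspicious"] else "looks consistent")
```

On the sample, the sender check fails (hotmail.com) and two of the three web links fail (scamwebsite.com and the lookalike), so the message is flagged. Two design points: the suffix check insists on a leading dot so that lookalike hostnames cannot pass, and a mismatch is treated as strong evidence while a match is only weak evidence, because the From header itself can be forged; mail providers rely on SPF, DKIM and DMARC to catch that, which is more than a visual check can do.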

And that just about covers it.

The two tips above will catch around 90% of phishing emails, so you're now a phishing email scam detective. One caveat: the From address can be forged, so a matching address is weaker evidence than a mismatched one. If anything about an email feels off, don't use its links at all; type the company's website address into your browser yourself and check your account there.

I'm Nick Bentley – message me on Twitter and check out my website.