What are the signs of a scam email pointing to non-existent website?

Key findings

• Non-existent domains: A primary indicator of a scam email is when the linked website, or the domain mentioned for issues, simply does not exist or cannot be resolved via DNS. This implies a complete fabrication on the part of the scammer.
• Generic or suspicious greetings: Emails that start with vague salutations like 'Dear Customer' instead of your specific name often indicate a mass-sent scam.
• Grammatical errors and unprofessionalism: Poor spelling, awkward phrasing, and unprofessional formatting are common hallmarks of scam emails, reflecting a lack of legitimate corporate communication standards.
• Sense of urgency: Scams often try to create panic or urgency, prompting immediate action without allowing time for critical thought or verification.
• Requests for sensitive information: Legitimate organizations rarely request personal data like passwords or banking details directly via email links.

Key considerations

• Verify website existence: Before clicking any link, hover over it to see the actual URL. If it looks suspicious or leads to a non-existent site, it's likely a scam. You can learn more about how to identify phishing emails.
• Check sender domain: Ensure the sender's email domain matches the legitimate organization they claim to represent. Public email domains (like Gmail, Outlook) for official communication are highly suspicious.
• Be skeptical of urgency: Legitimate communications usually provide ample time for action. Urgent demands often signal a scam. Understanding why emails go to spam can also help.
• Report and delete: If you identify a scam email, report it to your email provider and delete it. Do not reply or engage. The FTC provides additional guidance on avoiding phishing scams.

Key opinions

• Unbelievable errors: Many marketers find it astonishing that scam emails still contain such basic errors, like pointing to non-existent websites or having poorly constructed footers.
• Outdated tactics: The methods used in these scams often appear to be from an earlier era of internet fraud, suggesting a lack of sophistication that is almost comical.
• Generic personalization: The use of generic or oddly formatted greetings, rather than personalized salutations, immediately flags the email as suspicious.
• Obvious attempts: Marketers recognize that the clear aim of these emails is to elicit a quick, unthinking response, leveraging urgency or false authority.

Key considerations

• Educating recipients: The persistence of these scams highlights the ongoing need to educate the broader public on common phishing indicators. This includes being able to identify suspicious email addresses.
• Maintaining vigilance: Even with advanced filters, some simple scams can slip through, making user awareness a critical last line of defense. Consider how to identify suspicious email domains.
• Impact on legitimate sending: The prevalence of scams can make legitimate marketing emails more susceptible to being flagged as spam by skeptical recipients or aggressive filters. Insights from Abnormal AI's glossary can be helpful.

Key opinions

• Automated scanning: Some scams originate from automated systems that randomly scan for vulnerabilities or generic errors, then send out emails based on vague findings, even if the 'target' doesn't exist.
• DNS resolution failure: A crucial technical sign of a fake website is its inability to resolve via DNS (Domain Name System), confirming that the domain simply isn't registered or active.
• Volume over sophistication: Many scammers prioritize sending a high volume of unsophisticated emails over crafting highly targeted ones, relying on a small percentage of recipients falling for the obvious ploys.
• Exploiting trust: Even with glaring errors, these scams exploit general user trust in official-looking communications, especially if they create a sense of urgency or fear.

Key considerations

• Email authentication: Robust email authentication protocols like DMARC, SPF, and DKIM are vital for preventing domain spoofing, although they don't directly address malicious links if the sending domain is legitimate but compromised. Learn more in our simple guide to DMARC, SPF, and DKIM.
• Technical link verification: Advanced users can perform DNS lookups on suspicious URLs to confirm their non-existence, a definitive sign of a scam.
• Filtering mechanisms: Email service providers employ various filters, including those that check for non-resolving domains and suspicious link patterns, but some still get through. If your emails are receiving a DMARC verification failed error, you should read more here.
• Ongoing threat: The continued success of even basic scams means that the threat is pervasive and requires constant adaptation from both security professionals and end-users. The experts at Word to the Wise often provide updates on evolving scam tactics.

Key findings

• Suspicious domain names: Documentation frequently warns against emails from public domains (e.g., Gmail, Yahoo) purporting to be from official organizations, or domains with slight misspellings of legitimate ones.
• Mismatched URLs: A key piece of advice is to check the actual URL of a link by hovering over it, confirming it matches the expected destination and isn't redirecting to an unknown or non-existent site.
• Requests for sensitive information: Official documentation universally states that legitimate entities will not ask for sensitive personal details like passwords or credit card numbers directly via email links.
• Fake login pages: Many phishing attempts direct users to fake login pages that mimic real ones to steal credentials. Users should be aware that emails can get phishing warnings in Gmail for various reasons, including suspicious links.

Key considerations

• Proactive verification: Instead of clicking, navigate directly to the official website by typing the known URL into your browser. This bypasses any potentially malicious links.
• HTTPS presence: Always look for 'HTTPS' and a padlock icon in the browser's address bar, indicating a secure connection to a legitimate site.
• Reporting mechanisms: Documentation encourages users to report phishing attempts to their email providers or relevant authorities, contributing to broader cybersecurity efforts.
• Inconsistent warnings: Sometimes, legitimate emails might trigger warnings, but understanding why this happens can help distinguish between false positives and genuine threats.