#291 not yet fixed - Need to address and fix issues mentioned by pipe

docs/safety-security/email-scams.md

@@ -0,0 +1,104 @@
+---
+layout: default
+title: Email Scams
+nav_exclude: false
+has_children: false
+parent: Safety & Security
+search_exclude: false
+last_modified_date: 2024-06-23
+redirect_from: /books/safety-and-security/page/email-scams
+---
+# Email Scams
+{: .no_toc}
+
+{% include toc.md %}
+
+The article discusses the evolution and prevalence of email scams. In the past, scammers had limited opportunities and faced significant risks. However, with the advent of the internet and email, they now have a vast, global pool of potential victims and can operate with minimal risk.
+
+Email scammers aim to extract money or personal information without providing anything of value in return. These scams are unfortunately common, as they are profitable due to the number of people who fall for them. They are also low-risk for the scammers, as they are inexpensive to set up, quick to execute, and carry minimal chances of being caught and punished.
+
+Despite the seeming simplicity of most scams, even tech-savvy individuals can sometimes be deceived. The article aims to educate readers about common scams, how to identify them, and steps to take to avoid falling victim to them. This knowledge is crucial in the digital age to protect oneself from such fraudulent activities.
+
+## Avoiding Email scams (The best practices)
+
+To minimize the likelihood of falling victim to an email scam, consider the following preventative measures:
+
+- Acquaint yourself with prevalent scams (which we discuss in this article).
+- Implement a reliable antivirus software. (More information can be found here: [What Antivirus applications we recommend.](/docs/recommendations/av.md))
+- Refrain from clicking on links embedded in emails.
+- Exercise caution with unexpected job or interview propositions.
+- Disregard email attachments received from unfamiliar sources.
+- Utilize disposable email accounts or aliases when signing up for websites that don't require your primary email address. (More information can be found in the `Precautions to take` section of the [Tech scams wiki article.](/docs/safety-security/tech-scams.md))
+- Avoid publicizing your email address on public platforms, including social media.
+
+While spam filters can be beneficial, their potential to inadvertently block important messages renders them a less than ideal solution.
+
+## Identification of email scams
+When examining your inbox, every message and its fields can offer hints to identify potential scams. 
+
+- **To field**: Bulk emails often have multiple recipients, especially if the names or email addresses are in alphabetical order. If the email is addressed to your email address instead of your name, it could be a scam. Scammers may also CC multiple recipients within the same company to appear legitimate.
+
+- **From field**: If the sender is unknown or has a foreign name that you don't recognize, it could be a scam. Legitimate businesses usually use their domain name for their email addresses, but some scammers buy similar-looking domains to deceive people. An email address extension other than .com, .org, .gov, or .edu is also suspicious.
+
+- **Subject field**: Scam emails often have clickbait subjects designed to scare, entice, or confuse you. They may also appear to be official correspondence requiring action on your part. It's safest to ignore and delete messages with clickbait subjects. If in doubt, research the sender before opening the message.
+
+- **Body of the message**: If the salutation uses your email address instead of your name or a generic greeting like "Dear valued customer", it could be a scam. Poor language skills, a sense of urgency, or requests for confidential information are all red flags.
+
+- **Attachments**: Be wary of attachments, especially .exe files or compressed archives, as they could contain malware. Even Word, PowerPoint, and Excel documents can include harmful macros, although modern versions of Office will alert you before opening these documents.
+
+More information can be found in this [blogpost discussing email scams and how to avoid them](https://www.comparitech.com/blog/information-security/email-scams/).
+
+## Scam vs Spam
+
+Spam refers to unsolicited and unwanted bulk messages, which can include emails, telemarketing calls, texts, and other digital communications. Despite effective filtering and blocking by ISPs and email providers, the [volume of spam emails increased by 30% in 2021 compared to the previous year](https://www.washingtonpost.com/technology/2022/01/10/email-spam-stop/).
+
+While scams can be seen as a type of spam, they differ in intent. Spammers are typically marketing something, whether it's legitimate or counterfeit products, or services. They might be annoying, but many are legitimate sellers. **In contrast, scammers aim solely to steal from their targets.**
+
+Phishing is a specific type of scam where the perpetrators trick you into providing sensitive information like credit card details, passwords, or Social Security numbers.
+
+## Compromised email accounts
+
+Hacked email accounts can serve as effective Trojan horses, a term used to describe deceptive malware attacks and email scams. Here's an example:
+
+- A man received an email from a friend who is a software engineer. The email contained a suspicious link, which turned out to be a virus. The man confirmed with his friend that his email account had been hacked. (See my personal example in [the "Example of a compromized account scam" section](/docs/safety-security/tech-scams.md) where I had fallen for one such scam message. While not email per say, the methodology works the same way.)
+
+The key takeaway is that even if an email appears to come from someone you know, it could still be a scam. Noticing changes in the sender's usual communication style can help detect a hacked account. The best protection is to verify suspicious emails through a different communication method, such as a phone call or text. This approach not only protects you but also alerts the victim that their account has been compromised.
+
+If you are a victim of one such event where your account was compromised, refer to the [What you can do to recover your accounts](/docs/safety-security/tech-scams.md) section.
+
+## The different kinds of email scams
+
+Scams, some dating back to the early days of the internet, can be recycled or improved upon. Here are some examples. For a more detailed description of them, refer to this [blogpost discussing email scams and how to avoid them](https://www.comparitech.com/blog/information-security/email-scams/).
+
+### Phishing Scams
+Scammers impersonate reputable organizations to trick you into providing sensitive information. If you suspect an email might be legitimate, access your account directly through your web browser to verify.
+
+### Advance Fee Scams
+These scams convince you that you're entitled to money or a free product, but require you to send money in advance.
+
+### 419 Scams/Nigerian Check Scams
+These are early advance fee scams where the sender, often claiming to be a prince, needs your help to access money. If you pay, the sender will find more reasons for you to send money.
+
+### Relative in Distress Scams
+The scammer claims a family member is in trouble and asks for money. If unsure, contact your family member through another method.
+
+### Heartstring Scams
+These scams prey on your compassion, asking you to send money to help victims of various causes. Check CharityWatch to verify unfamiliar charities.
+
+### Business Opportunities and Work-from-Home Scams
+These scams promise easy money for little effort. They often require you to buy something to get started. Pyramid schemes (nowadays referred to as "Multi-Level Marketing") and Ponzi schemes are subcategories of this scam.
+
+### Cryptocurrency Scams
+If you see cryptocurrency in an email from an unknown sender, it's likely a get-rich-quick scam.
+
+### Tech Support Scams
+These scams claim your computer's security is compromised. Big tech companies will never make unsolicited calls or emails claiming your computer is infected.
+
+### Health Scams
+These scams prey on people's insecurities, promising miracle cures. Do not buy health-related products marketed in unsolicited emails.
+
+### Trojan Horse Email Scams
+These messages claim your computer is locked or infected with malware. Run a scan with your antivirus program or Malwarebytes instead of opening these messages.
+
+### Fake job scams
+Offers of employment or gigs that require personal information, payment, or promise high earnings for minimal effort are likely fraudulent and should be approached with caution.