Smells Like Phish

Smells Like Phish

Top 4 Red Flags to Avoid Scammers

Stranger Danger – Unknown Email Senders

The easiest way to spot a scam is to check what address it is coming from. If you got an email from a company like ACME Inc, you should be able to see that sender’s email address from @acme.com or something of the sort. If the sender’s email originates from @gmail.com or another free email service, chances are this is not an official email from the company they are claiming to be. Check the sender’s actual email address matches the company’s address.

Note: Some email apps hide the sender’s email for simplicity, and you have to click the sender’s name to reveal this information. 

Services You Didn’t Order

One of the most common types of phishing and email scams in 2022 is the “Thanks for your jillion dollar order!” scam. We frequently see this coming from scammers impersonating antivirus or security services like Norton or McAfee. Our clients get an email that says something along the lines of “Payment Successful” and gives a fake bill as if you had just paid for $499 worth of security services. It startles people and some of them call the phone number or email address given in the email. This number or email is where the scam begins, so don’t contact these people.

These orders are almost always fake, and the worst thing you can do is call the phone number or reply to the email. They’ll ask either to connect to your computer, or for very detailed information used to impersonate you. Refer to our first recommendation to see if this is from a free email address, or if it really came from the company you thought it did. 

If you really are worried this may be a legitimate invoice, go to Google and search for the company’s website. Contact them directly, without ever clicking on a link in your email or calling a phone number in that email. 

Calls and Emails From Large Companies

This has become a little less popular over the years, but it is still relevant. Big companies that run our computer systems rarely call us. Apple, Microsoft, Google, etc will rarely have enough time and resources to call individuals directly unless when needed. If you have a phone call that is from a large company, worth more than $100B/year, you should be on your toes. I admit I had one legitimate call during 20 years like this, but the vast majority are scams. Large companies don’t have the staff to reach out to all 1.8 billion of their users. 

Too Good To Be True

It can be hard to turn down great opportunities, but we also have to ask if they are legitimate or not. This category is rather broad, but the main principle is that someone calls or emails you out of the blue with an offer for something you have been searching for or need very badly. The offer sounds great until the scammer either gets your personal information or takes a bunch of money. Not all great offers are like this, but here are some places we see it commonly:

  • Refund you weren’t expecting
  • Excellent job offer with 2x normal pay
  • Training for “secrets to money” or similar
  • High hourly pay offers to transfer money


In the end it comes down to being aware of a few things in the scam. Who is offering it? How exactly are they making money off it? If you can answer those two questions, you likely have a good idea on the legitimacy of the issue in front of you. Beware unsolicited dream-offers, and know who you are communicating with. If you don’t know what will happen when you click, it’s best not to click!