How to detect an email scam

Email and phone scams are highly prevalent with most people receiving one or the other or both. These scams take thousands of dollars from individuals and make it very difficult to determine their legitimacy. Here are some helpful tips to look out for when opening an email and attempting to figure out whether it’s a scam.




Who is the email from?

Using the example above: The first thing one should do is look at who the email is from, this is usually found at the top of the email. This email says it’s from Apple, and that my Apple ID has been locked. Knowing that I want to look at the address of the sender and see a corporate email address. This email address is a jumbled combination of letters and numbers. This is not something a company would send to its clients. Not only does this look unprofessional, but companies know that this looks untrustworthy. Secondly, the email received does not come from Rather, it comes from I, therefore, must then ask myself, “who are they and why would an Apple email come from them?”. Legitimate companies and people would use a common email address like Gmail or Outlook or related websites to send their emails (Irwin). If I am still concerned about the legitimacy of the sender’s address, I could then go to the internet and see if this company is legitimate. After a search on, an online database, I have determined that the website to which the sender’s email address belongs to does not exist. Now my suspicions have been piqued and I can either delete the email without any further perusing. But sometimes a suspicious email address is not always an immediate indicator, and we must delve deeper.

Are they using your name or any other identifying information?

Next, I would look to see if they are addressing you directly. Is there anything telling you that this email is for you personally? Normally, a safe email will address you by your first name or by your surname example:// Hello, John or Hello, Mr. Smith. If the email does not have any personal information which directly relates to you, this should serve as an indication that this is a generic email sent to many people, as is the case above. In the above, my Apple ID is not indicated, nor is my name. Because there is no information to tell me that this email is, in fact, about me, I am wary about the truth behind its contents. I would have given a company or other sender my information to receive the email, and, to increase the chance of me opening it, they would want to use that information to attract my attention. Anything asking you to send money or verify your information should already have your information.


As part of the CASL Act, Canadian Anti-Spam Legislation Act, companies are required to ask that people opt-in to their emails. In other words, you must tell the company, “Yes, it’s okay that you send me emails”. This usually shows up when you are registering for an account with an online store or service. The opt-in is usually a box a user checks while completing the registration process. Secondly, the act states that companies must also always have an option allowing the reader to unsubscribe from emails, to say “Please stop sending me emails”. If at the bottom of the email, there is no option to unsubscribe and you know that you did not opt-in to receive this email, it is a scam.

Are there any trust seals?

Trust seals are things like logos and trademark Ô or copyrightÓ symbols. These tell you that this company is legitimate. In the email above, Apple’s logo is not displayed nor are there any trademarks or copyright symbols indicating that the email can be taken for its word. See below for an example of what the email should look like:

In the above example, they’ve included the Apple logo, their company name, a link to their policy, and a clearly defined copyright symbol. These trust seals let me know that this is a legitimate email. Without these indicators of legitimacy, I would be cautious to click on anything in the email or respond with my information.

“Is the email poorly written?” (Irwin)

When I look at the body, the meat and potatoes one could say, of the spam email exampled at the beginning of this post, I can see that much of what is written is not grammatically correct. This indicates to me that the email is not to be trusted. Companies and people emailing you with legitimate concerns want you to trust that what they are saying is true and therefore will ensure there are no spelling or grammar mistakes. Because of all the grammatical errors, I know this is a scam email. Large companies would have checked an email numerous times and passed the email through many people to review before it was actually sent out to customers. If you see any of the mistakes as is indicated above, take them as an alert that this email is a scam.

“Does the message create a sense of urgency?”  (Irwin)

When looking at an email or text or whatever it may be that I am unsure about, I want to look for a sense of urgency. Does this email ask me to do something as soon as possible or dire consequences will occur? Yes, the email above is telling me that I must verify my account within the next 24 hours. I should then ask myself questions like, “Why would I only have 24 hours? Would a company like Apple deactivate my account and risk losing my business? Probably not.” Companies compete based on their ability to serve their customers; a company that asks its user to do something or else, would not have a very good reputation. Therefore, the urgency and the threat to follow make me leery of believing such contents.

Does the email make sense context?

A good way of determining if an email is a scam is to place the information written in the email into the context of your life. This “Apple” email says that I cannot “access my account or any Apple services”. I am currently seeing this email two days later and my phone and laptop both operate as normal. Were this true, this would not be the case. This email is wrong, nothing has been locked out or paused. Similarly, if I receive an email alerting me that a package needs to be claimed as shown below:

I would be critical of the context surrounding the email. I would consider whether I even ordered a package. I haven’t. I would also consider if there had been any indication of people coming to my house to deliver the package, as is noted above, and they hadn’t. Therefore, I know that this email does not make sense when placed in the context of my life. I can determine that such emails are a scam.


The internet is filled with many people attempting to expertly and deceitfully take your money and information to exploit you. While the internet is a wonderful place to connect with friends and family, we must also be wary of schemes that seek to take advantage of us. Being alert and critical of all the information you receive while on the internet is critical to practicing internet safety and may protect you from falling for these internet bandits.



Works Cited

Irwin, Luke. “5 Ways to Detect a Phishing Email – with Examples.” IT Governance UK Blog, 13 July 2022,