How many times have you gotten an email that seems slightly off? Do you open it, delete it or flag it as spam?

As we head towards the festive season, you'd better believe that hackers are hoping for some early Christmas presents. We get regular emails from clients wanting help determining whether an email is a scam or genuine, so we thought it was time for an updated rundown of some of the recent phishing scams and some helpful tips to avoid being a victim.

The latest scams

To help you identify what is genuine and what should go straight into the junk folder, below is a list of some of the common email scams that we are seeing in 2023.

Invoices for services (not) delivered

One of our clients recently received an email requesting payment for advertising in a magazine. The phishers had gone so far as to produce a fake email, PDF invoice, newsletter mockup, landing page and the advert the client had supposedly booked. It all looked reasonably legitimate. However, the client hadn’t booked any advertising and realised it was suspicious. Some red flags:

  • The website, which appeared on the invoice, was a flat page without any clickable links
  • The website isn’t secure
  • The email address is a Gmail one
  • While the logo and colours used in the fake ad were accurate, the design was not up to the usual polished standard of the company

Above: Examples of a spam email where the malicious actors have mocked up a pretend magazine cover and advertisement page.

Loyalty point scams

Customers of loyalty point programs of well-known Australian companies such as Qantas, Telstra and Coles are being targeted via a credit card scam. They receive an email or text advising them that their loyalty points will expire soon. It directs them to a fake website and asks them to log in and provide credit card details to access their loyalty points. This credit card and login information is then available for the scammers to use moving forward.

New hires

This threat isn’t new – we spoke about it in November 2021 – but it continues to catch companies out. When team members start, they are eager to please and aren’t familiar with the office processes and communication styles, so phishers see this as the perfect opportunity to catch someone off guard.

While a long-time Colton employee would know that an uber-formal email from Mitch requesting them to buy gift cards for all clients and signing off with “Cordially, Mitchell” has scam written all over it, a brand-new employee may not.

Red flags to look out for

Here are some telltale signs that the email may not be genuine:

  • Instead of addressing you by name, it refers to ‘colleague’, ‘valued customers’ or ‘friend’, or by a version of your name not commonly used by your coworkers or clients
  • Communications that push you to act urgently. By applying time pressure, scammers know that you are less likely to do the due diligence to check all the facts (case in point – a new hire buying gift cards and sharing the number and code)
  • A nonsense email address such as alllglebtalghsdg@gmail.com
  • Poor layout, spelling or design
  • An unfamiliar sender name
  • A request to share personal information, such as banking details, via phone or email
  • An offer that sounds too good to be true (anyone had a long-lost relative try to give them $1 million recently??)
  • Insistent requests to click a link or open an attachment
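
For anyone triaging a shared mailbox, several of these red flags can be checked automatically. The script below is an added example, not a Colton tool: the word lists, the `red_flags` function, the consonant-run test for nonsense addresses and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumed word lists; tune them to your own mail flow.
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}
GREETING = re.compile(r"^\s*(?:dear|hi|hello)\s+(?:colleague|valued customers?|friend)\b", re.I | re.M)
URGENCY = re.compile(r"\b(?:urgent(?:ly)?|immediately|asap|expires? soon)\b", re.I)
SENSITIVE = re.compile(r"\b(?:gift cards?|banking details|credit card|password)\b", re.I)
CONSONANT_RUN = re.compile(r"[bcdfghjklmnpqrstvwxz]{5,}")  # crude "nonsense address" test

def red_flags(raw, address_book):
    """Return the red flags from the list above that a raw email triggers."""
    msg = message_from_string(raw, policy=policy.default)
    _, addr = parseaddr(str(msg.get("From", "")))
    local, _, domain = addr.lower().partition("@")
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    text = f"{msg.get('Subject', '')}\n{body}"
    checks = [
        ("unfamiliar sender", addr.lower() not in address_book),
        ("free webmail sender", domain in FREE_MAIL),
        ("nonsense address", bool(CONSONANT_RUN.search(local))),
        ("generic greeting", bool(GREETING.search(body))),
        ("urgency", bool(URGENCY.search(text))),
        ("asks for sensitive details or gift cards", bool(SENSITIVE.search(text))),
    ]
    return [name for name, hit in checks if hit]

# Constructed sample messages (not real emails).
PHISH = """\
From: Mitchell <alllglebtalghsdg@gmail.com>
Subject: Urgent request

Dear colleague,
I need you to buy gift cards for all clients immediately and send me the codes.

Cordially, Mitchell
"""
LEGIT = """\
From: Sales <sales@supplier.example>
Subject: October invoice

Hi Sam,
Your October invoice is attached. Payment terms are unchanged.
"""
BOOK = {"sales@supplier.example"}  # the address book recommended in the next section

if __name__ == "__main__":
    print(red_flags(PHISH, BOOK))
    print(red_flags(LEGIT, BOOK))
```

A message that triggers several flags deserves a phone call to the supposed sender before anyone acts on it; an empty list does not prove the email is genuine.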

What to do if you come across a potential spam email

The first step is to add suppliers and customers to your email address book. Doing this will help ensure you get the emails you need and nothing important is accidentally flagged as spam (on this note – now is the perfect time to check that sales@colton.com.au is in your address book).

If an email hits your inbox and doesn’t seem quite right, your best course of action is to mark it as junk or delete it immediately. Too late, and you have already clicked? Call us immediately so we can help you sort it out. And always, always, double-check directly with your boss, the bank, or the appropriate company before sharing confidential information or buying those gift cards!!