Skip to Content
© Vitaly Sosnovskiy |
Security & privacy

Scam alert: Convincing phishing email is spreading

When’s the last time you got a phishing email? These tricky campaigns are some of the most effective tools a hacker can use, and judging by the millions of users successfully harmed by these schemes over the past few years, we’d say they’re unlikely to stop any time soon.

What makes phishing issues so frustrating is the fact that they don’t really change over time. The tricks and tactics remain the same, and it’s only the willingness of the victims that makes phishing so effective. Tap or click to learn how to avoid the most popular scams on the web.

And now, just in time for the new year, users across the web are finding a brand new batch of phishing scams cluttering their inboxes. If you’re not careful, these emails can download malware to your system that will steal your financial information. We’ll show you what you need to look out for to stay safe.

Scammers take advantage of the post-holiday blues

The Better Business Bureau has put out a scam alert detailing the rise of a new wave of phishing scams. The scams, in their current form, take the shape of malicious emails that promise special “after Christmas” deals and savings at major retailers. In reality, the emails are nothing more than vessels for malware.

As with previous phishing scams, victims receive an email that looks like an official correspondence from a retailer. The subject and body of the message will contain some detail about “unclaimed rewards.” You may even see very realistic looking text and images designed to fool victims inside the message.

Clicking links inside the email may even take you to a realistic-looking landing page. Tap or click to learn about one phishing scam that used realistic fake websites. But the moment you open a link or download the attachments (it’s always attachments), you’ll find yourself infected with malware.

The specific malware associated with this wave of scammers looks for personal data like credit card numbers and bank information. You may not even know if you’re infected once it’s installed itself on your system.

How can I protect myself from this phishing threat?

As with all phishing incidents, the burden of cybersecurity falls on the victim. It’s common knowledge at this point to be skeptical about mysterious emails and attachments — and under no circumstances should anyone open or download anything they’re not 100% sure about.

That said, it’s concerning how so many scammers are going to great lengths to appear legitimate. Some of these fake emails and websites are virtually indistinguishable from the real thing, so it’s important to know the red flags when investigating emails that appear to be from a major retailer.

The biggest thing to look for is the actual sender’s email address. If you receive a questionable email offering steep discounts, the easiest thing you can do to check its legitimacy is to see if the sender’s email address matches a real world domain like

If the email you received has an extremely long name or if the URL doesn’t match a retailer’s exactly, you’re probably dealing with a scam.

As online scamming becomes a tried and true moneymaker for cybercriminals, knowing the difference between real and fake emails will be key to protecting yourself. If you want to check how good you are at spotting fakes, tap or click here to take a phishing email proficiency test.

Stop robocalls once and for all

Robocalls are not only annoying, but they scam Americans out of millions every year. Learn Kim's tricks for stopping them for good in this handy guide.

Get the eBook