Landing : Athabascau University

How to catch a scam e-mail from a known contact in your address list

If you haven't seen this "friend stranded in foreign country" kind of scam email before, take note. (It is not exactly new, but I'm seeing a rash of them today for some reason.)

You get a message that appears to be from a known contact - someone in your address list - and it's a message describing an emergency, and asking for money. In Gmail, a message like this shows up with a big banner warning about the sender's account being "compromised" (=hijacked). I don't know if other webmail services also flag messages like this.

But what if your email program doesn't flag it? (or - as in my case - what if you use a mobile device to check email? mobile email programs are simplified versions - the banner warning I get in desktop Gmail doesn't appear in mobile Gmail.)

So if your email program doesn't show you a warning but the message is suspicious:

1) Check the "From" address against the "Reply-To" address. say the Sender - the person you actually do know - has an email address like

The Reply-to address usually differs - but only very slightly, like a minor change in user name or a more noticeable change in domain name. For example: (user name changed)

or (domain name changed)

2) Check the Recipient: the first such scam I got came to a mass email list, the second was addressed to "Undisclosed Recipients" (=everybody in his address book). But it could always be addressed to just you alone, too.

3) As with any digital scam, sloppy spelling, punctuation, and grammar are still dead giveaways. Internet criminals conveniently underestimate the importance of good writing.

So, to sum up:

  • treat as automatically suspicious any email from a known contact that claims some emergency and/or asks for money.
  • train your spam filter to catch emails in which the Sender address differs from the Reply-to address. (Or use Gmail, which does this for you ... well, the desktop version, anyway.)
  • check the Sender address against the Reply-to address. and check closely.
  • NOBODY uses email to send actual calls for help, warnings, etc. Email is NEVER anybody's first choice for making contact in a real emergency.

For more information:


These comments are moderated. Your comment will not be visible unless accepted by the content owner.

Only simple HTML formatting is allowed and any hyperlinks will be stripped away. If you need to include a URL then please simply type it so that users can copy and paste it if needed.