TechTalk

The latest tech reviews and inspiration from Currys

Spot the scammer: how to protect against phishing emails

Can you outwit AI to recognise a phishing attempt?

software

Article Main Image

Spot The Scammer

Are you scam-savvy?

Have you ever been hooked in by a phishing email?

And do you reckon you can compete with artificial intelligence (AI) when it comes to spotting the differences between a scam email and a genuine one?

Take a trip with us through a world of inboxes and spam filters to discover the impact AI is having on scam emails – and see for yourself if you can spot the scammer in our interactive quiz!

Beware of the phish: crafty cons and malicious mails

When it comes to how we conduct ourselves online nowadays, we all like to think we’re being sensible and secure. We’ve all heard the horror stories of the lonely old widow falling victim to the email from someone who promises love, romance and the chance of a new life in exchange for her bank account details and the price of a plane ticket. But there’s no way you’d fall for a spam email – right?

These emails are designed to con you into handing over lucrative personal or financial information that cyber criminals can use to scam you – a technique known as phishing.

But surely with the standard of today’s firewalls and filters, not to mention our impeccable levels of common sense, most scammers would have given up for a new hobby by now?

Sadly not.

Right now, those inbox filters are working overtime to keep the flow of malicious emails out, with approximately 15 billion spam emails flying across the internet every day. According to a 2023 report by online security giant McAfee, that works out at around 12 scam messages per day for each of us, either by email, text, or social media. The same report discovered that 84% of Americans asked found it harder than ever to identify scam messages. They needed an average of 94 minutes a week to identify their legitimate mail from the fakes – that’s more than two standard work weeks a year.

Spam and chips: how scammers are using AI

The favourite tool for scammers is now artificial intelligence, or AI. With it, they’re able to create emails that are more convincing and harder to spot than ever before. And while AI is currently designed to work to ethical guidelines and restrictions to prevent misuse, including the creation of spam, there’s nothing to stop cyber criminals using it to improve their grammar or tone of voice.

So, the big question is, can AI tell when an AI or human-created email is a scam or genuine?

And more importantly – can YOU? 

Even AI can’t spot all the spam

So as you can see, it’s not always easy to spot the malicious emails from the genuine ones.

In fact, we tasked AI to see if it could spot the scammer too. We put 40 emails – including all those in the quiz above - through two separate AI systems to see if it could tell which were fake and which were legit. The 40 emails comprised 29 scams, and 11 genuine ones.

Reassuringly – they were pretty accurate in their findings, but neither of them managed to return a 100% scam-spotting score!

In terms of total emails correctly analysed, it’s a two-way tie between Chat GPT-4 and Perplexity. But it’s worth noting that out of the two systems, Perplexity is the one that seemingly exercises the most caution, correctly spotting more scam emails than Chat GPT-4 and deeming more of the genuine emails to be fakes.

In that sense, it’s a case of a ‘better safe than sorry’ attitude from Perplexity, as it viewed some of the legitimate emails as containing ‘characteristics of a phishing attempt’ that should be ‘treated with caution’.

How to spot a phishing email and avoid being scammed

So, even though we’ve seen that the occasional slippery phish can slip through the net, there’s no need to be scammed if you keep your wits about you. Forewarned is forearmed when it comes to the fight against the cyber criminals, which is why we’ve put together this list of powerful cyber security hints and tips to help keep you safe. We’ve compiled it by using online sources including the National Cyber Security Centre, Crimestoppers UK, Which? and the UK Government’s ‘Stop! Think Fraud’ campaign.

If you feel an email is a scam: 

  • Don’t respond, click on any links, or download attachments.

  • Delete the email from your inbox to avoid accidental interaction.

By taking these steps, you can significantly reduce your risk of falling victim to phishing scams. Always err on the side of caution. If something smells phishy and feels off, trust your instincts, and verify the authenticity through other means.

Legitimate companies use domain emails, which are usually the name of the company. Be wary of emails from a public domain (like @gmail.com or @yahoo.com) or with misspelled domains that look similar to real ones. 

Professional organisations proofread their communications. Frequent spelling and grammar errors can be a red flag.

Phishing emails often create a sense of urgency, like threatening to close an account unless you update your information immediately. A legitimate company will never rush you in this way.

Hover over any links in the email (without clicking) to see the URL or web address. If it looks strange or doesn't match the company's official website, don't click it.

Phishing emails often use generic greetings like "Dear Customer" instead of your name. Companies you do business with usually personalise their emails.

Legitimate companies will not ask for sensitive information via email. Be cautious of emails requesting passwords, account numbers, or other personal details.

Sometimes, the scam is in the details. Check for slight variations that might be easy to overlook at first glance.

Most email services have spam filters. Ensure yours is turned on to help catch potential phishing emails before they reach your inbox.

If an email seems suspicious, contact the company directly using information from their official website or your account statements, not the email.

Attachments can contain malware which can steal information and damage your computer. Only open attachments when you're expecting them and you're confident they're safe.

Keeping your antivirus software up to date can help protect you from malware that might be downloaded from phishing emails.

If you feel an email is a scam: 

  • Don’t respond, click on any links, or download attachments.

  • Delete the email from your inbox to avoid accidental interaction.

By taking these steps, you can significantly reduce your risk of falling victim to phishing scams. Always err on the side of caution. If something smells phishy and feels off, trust your instincts, and verify the authenticity through other means.

Scam-busting security software for safer browsing

In the fight against the scammers and any viruses they may try to infect your computer with, security software is a powerful ally. Antivirus software can protect your PC or laptop against attack from malware that can originate from a scam email. At Currys we’ve got industry-leading antivirus software McAfee and Norton to help keep you safe online, along with trusted office software including Microsoft 365 and Microsoft Office with Publisher for dependable delivery of daily tasks.  

To test whether AI could tell scam emails from genuine ones, we put a mix of both through two online AI language models: Chat GPT-4 and Perplexity AI. These 40 emails included first-hand examples from across the web, along with email content based on real examples that shared their exact characteristics and techniques. In each case, the AI was asked to identify if the content was from a scam email or a genuine email, and to give reasons supporting its decision.

The list of cyber security tips was compiled using a variety of sources including the National Cyber Security Centre, Crimestoppers UK, Which? and the UK Government’s ‘Stop! Think Fraud’ campaign.

Related in Software

Related Article Image
How to uninstall apps and programs in Windows
Related Article Image
How to show and hide files on Mac
Related Article Image
macOS versions list in order
Related Article Image
Why you need Microsoft 365 on a Windows laptop
Related Article Image
Best vlogging tips