Recently, I found myself on the wrong side of a very common cybercrime: my email account was hacked. I first became aware of the breach when friends and colleagues contacted me with some urgency about an odd message they received from my address. The email, posing as me, began innocuously enough—Do you shop at Amazon? If they replied yes, they were sent a follow-up request asking them to urgently purchase a gift card from Amazon and send the code back to me (or the sender of the email scam posing as me) after which I would repay them.
This was a classic gift card scam, but the fact that it came from my own account made it far more believable to the recipient(s). The experience was embarrassing, frustrating, and eye-opening. It also drove home just how vital it is to recognize the red flags of a scam email—whether it appears to be from a stranger or someone you know.
SPOTTING THE RED FLAGS
Through this incident, I realized most scam emails share certain traits. Knowing these signs can help stop a scam before it gains traction.
The Sender’s Address Doesn’t Quite Match
Even when an email looks like it’s from a trusted contact, the actual sender’s address may tell another story. Scammers often “spoof” a display name while using a different, often suspicious, email address. Hovering over the sender’s name reveals the truth.
Manufactured Urgency
These messages thrive on pressure. Words like urgent, immediately, or ASAP are designed to make you act without thinking. In my case, the scammer implied the gift card was needed for a time-sensitive situation, hoping the urgency would override skepticism.
Requests for Gift Cards or Untraceable Payment
Gift cards are a scammer’s currency of choice. Any email requesting that you buy a card, scratch off the back and send the code should raise alarms instantly. Wire transfers, cryptocurrency, and prepaid debit cards are equally suspicious payment methods.
Suspicious Links and Attachments
Many phishing emails include links that don’t match their displayed text or are disguised using URL shorteners. Attachments, especially unexpected ZIP, EXE, or Word files, can contain malicious software.
Writing Style That Feels ‘Off’
If the tone, grammar, or phrasing doesn’t sound like the person you know, take note. In my hacked-email case, the scammer kept the wording brief, vague, and slightly formal—nothing like my usual communication style.
Refusal to Communicate Outside of Email
When a request feels strange, the quickest way to verify it is to call, text, or speak in person. A scammer will typically avoid real-time contact at all costs.
Here is the Golden Rule: If something about an email feels wrong—the request, the tone, or the urgency—stop. Verify the sender through another channel before taking any action. Friends, companies, and legitimate organizations will never pressure you into buying gift cards or sending money without proper verification.
My experience was unpleasant, but it reinforced one important fact: awareness is the best defense. The more familiar you are with scam red flags, the less likely you are to fall victim—or to unwittingly become a tool in a scammer’s hands.
