Contact Sales: |   Support: | Pay My BillClient SupportLet’s Talk!

Avoid Unwrapping Scam Emails This Holiday Season

Scam email and phishing attacks are unwanted holiday guests in every inbox.  

What is a phishing email? Phishing emails are a form of social engineering and online hoaxes that take advantage of a reader’s emotions or sense of duty to encourage them to open a communication and divulge sensitive information. Malware can be installed immediately when an email message is opened, or it may rely on the reader taking an additional step such as clicking on a link or attachment within the email.

There are many forms of scam emails, ranging from piquing a reader’s curiosity (Santa is REAL! Click here to see video proof!) to deals too good to pass up (Buy this house for only $159.99 down!) and threatening emails (This is your last warning. Failure to comply will lead to suspension of your account).

Before you click on that “unbelievably good holiday deal” you received in an email stop, look, and listen.

Spotting a Phishing Email: Fake Emails are Often “Urgent”

If you receive an email warning you about a suspended account, suspicious activity on an account, or threatening any action if you do not respond, STOP and think before you open it.

Does the communication have any of these common scam email earmarks?

Urgency: “Please update your financial information as soon as possible” or “Your boss needs this back immediately.”

Threatening language: “Failure to respond to this email will result in legal action.”

Account “warnings:” “Your account has been suspended because of suspicious activity.”

False “Activity”: “Your order could not be shipped” or “Information about your recent order”

STOP: Any of these traits should be a warning that the email you have received is a fake. Don’t be “bullied” into opening these emails. If you have any doubts, access your accounts directly via web browser and look for the reported activity. Verify any urgent requests for sensitive data from within your organization with the sender.

How to Spot a Scam Email: Fake Emails are Usually Generic

Since scam emails are part of a very wide net cast to catch multiple unsuspecting users, they will lack personalization. If the subject of your email contains any of the below, LOOK closer at the sender and the subject line.

Generic greetings: Hello, account holder.

Poor grammar: “Now, act here to stop activity on this accounts.”

Unknown senders: If you can’t identify the source of the message, it’s probably a scam email.

Spoofed domains: such as or

LOOK: If your subject line is not personalized, remember that almost all communications from legitimate sources will include your name. If you can’t recognize the sender, look closely at the domain associated with the email and hover over it with your cursor. The differences may be very subtle for spoofed addresses, such as .org or .net instead of .com.

Spotting a Phishing Email: Scam Emails are Too Good to be True

Rip-off and scam emails and websites pop up all over, especially during the holidays. Unfortunately, many people can’t resist a “good deal” and will not hesitate to share their information to these shady sites.

If you receive an email with a deal or a promise seems “too good to be true,” LISTEN to your instincts.

Companies you don’t know: Sites will often pop up just long enough to take orders, receive payment, and then disappear with the customer’s money.

Sales you can’t believe: “Buy one car for $1000 and get two more free!”

Products that overpromise: “This product will whiten your teeth, help you lose weight, clean your floors, and fold your laundry!”

Knock-off products: “This generic Fit-Bit is better than the original!”

Listen: Your gut instincts will often let you know that something isn’t quite right with a scam email, especially one that makes ridiculous promises and unbelievable deals. The goal of these phishing emails is to get you to “order” by filling in your credit card or bank account information through a provided link.

How to Stay on the Nice List: Don’t Get Hooked by Phishing Emails

Spotting scam emails is easy when you know what to look for. When in doubt, however, never hesitate to validate the source of the message.

Never respond to a link directly in an email. Look up the URL directly in the web browser.

Remember that legitimate companies will not send threatening emails. If your accounts are in arrears or have suspicious activities, you will receive a phone call or an email asking you to contact someone directly.

Legitimate emails will not send suspicious links. Advertising by email will involve the ads placed directly within the body of the email, not in a downloadable document or link. Likewise, emails that request you to navigate away from the site via attachment or link are highly suspicious.

Scam emails overpromise the impossible. Remember that if an email promise or deal seems too good to be true, it is too good to be true.

Anti-spam and email filtering is not just a suggestion, it’s a necessity. The biggest part of a good cybersecurity platform is having reliable, artificial intelligence based anti-spam and email filtering in place to stop emails before they hit your inbox.

Make sure your employees are informed. Providing cybersecurity awareness training will help your employees spot phishing email attempts so they don’t unintentionally infect your network or cause a breach.

Let Iconic IT Keep Your Employees on the Nice List

Iconic IT can provide the tools your business needs to protect itself from cybercrime, including email filtering and anti-spam protections. In addition, our cybersecurity awareness training classes will keep your employees off the naughty list and our phishing simulations will keep your hard-working elves on their toes.

Ready to learn more? Contact us for your free, no obligation consultation. As a special holiday gift, Iconic IT is offering a free dark web scan to all qualified businesses to make sure you avoid the ultimate naughty list: a dark web data leak. Start the New Year off the right way with our free consultation and dark web scan. Schedule yours today.


Cybersecurity Cybersecurity

Telehealth and Cybersecurity: Is Your Practice Protected?

You may not think of telehealth and cybersecurity as being linked, but the very technology you and your patients are relying on to stay connected and healthy is also one of the biggest risks you have for your practice.
Read Post
cybersecurity for remote workers Cybersecurity

Cybersecurity Tips for Remote Workers

As a business leader, you were pushed into some difficult decisions in 2020. Sending workers home to work remotely seemed a little like baking a cake without baking soda. While the idea was a good one, your approach may have been just a little flat. Cybersecurity for remote workers is a top concern for small to medium-sized businesses, per a recent study.
Read Post
Cybersecurity Cybersecurity

Cybersecurity Tips to For Patient Privacy & Healthcare Data Security

The shift to remote work has driven patients and practitioners out of the office and directly into the sights of bad actors. From healthcare targeted ransomware to third party vendor and supply chain breaches, let’s look at the biggest threats to your healthcare data security, and ways you can prevent them.
Read Post