Spam: what kinds of it are there and how to understand that it is fraudulent?

Fraudulent actors have a lot of methods to steal users’ information or make them wire money into their account. Spam is one of these methods. The Analytical department of Falcongaze did its best to tell about the most widely known traits that can tell that a message is malicious and its sender is a fraudulent actor.

What is spam and what kinds of it are there?

Spam is a mass distribution of unwanted letters. More often they are of advertising character. However, there can be the so-called “letters of happiness” when you are asked to send this message to other users so that something good happens or something bad doesn’t happen. They are harmless most of times.

However, there is a kind of spam that not only wastes user’s time, but also damages user’s device or wallet. This kind of spam includes phishing messages, Nigerian messages, and messages that contain malware.

  • Phishing messages. This is the case when fraudulent actors pretend to write on behalf of famous company, store, or brand. They often attach a link to a fake web-site. One letter can make the domain name different from the original one. Phishing aims at your credentials or payment cards details;
  • Nigerian messages are called Nigerian because they were widely spread in Nigeria. The sender allegedly offers a great sum of money in exchange for just a small contribution;
  • Messages that contain malware. The malware infects the user’s device, steals data, and gives hackers remote access to the user’s device.

How to understand that a message is malicious?

There are several features that can help you understand that a message is fake, and its aim is to steal your information or make you transmit money to unknown address. Here they are:

  1. The message is sent via public e-mail service.

No company will send you e-mails via popular e-mail services such as Gmail, Yahoo! Mail etc. Especially the owners of this services. Most companies except, maybe, small businesses have their own domain name. It means that official e-mail from Google will end on, not

Spammers often use this trick because for some users it is enough to see just the name of a sender to read a message immediately. Nevertheless, it is better to spend several seconds to check sender’s e-mail address than, for example, then you will have to return the access to your device.

  1. The domain name is written with mistakes.

Unfortunately, checking the sender’s e-mail address is not enough. Spammers have methods for such cases to mislead a user.

They buy domain names creating them to be very similar to the original one. Plus, there should not be a lot of characters replacing. For instance, the letter “m” is often divided into 2 symbols: “rn” = r+n, instead of “l”, “i” is often written. You can not notice these changes at first glance.

You should be attentive because fraudulent actors often use “homoglyphs” – they are the symbols that look the same, but they relate to different languages. For example, the Russian letter “a” looks the same as the English letter “a”. In this case, it is difficult to verify the domain name, that’s why special software is often used.

Companies will not make a mistake when writing their own name. For example, PayPal will not write its name as Paypal.

  1. The message subject sounds fascinating.

If message subject tells about unbelievable opportunities to earn money easily, get free cure, or, vice versa, there is a requirement for money, then the message is spam.

These messages always look like you are given million dollars with no reason. Unfortunately, it doesn’t happen. That’s why you can mark them as spam.

The fraudulent actors usually write about discounts. For example, in the eve of “Black Friday” companies inform their clients about discounts they will have. Fraudulent actors take advantage of the situation and send malicious e-mails. Be careful when following links.

Spammers sometimes mark message subject with “It is not a Spam!” text. Don’t trust this trick aimed at you opening the letter.

  1. There are a lot of mistakes in the message.

Spammers are not usually native speakers that is why there are a lot of mistakes in messages. They use translators and don’t edit the text.

It must be noticed that you will find mistakes not in the words but in grammar structures. Wrong word order, auxiliary verbs absence and others will point out that the message was written by a person who doesn’t know the language well.

The companies always avoid these situations. Their messages may contain one or two typos. Nevertheless, it happens rarely because they check the written text meticulously.

  1. The message contains suspicious links or attachments.

Phishing messages often contain suspicious links, usually reduced so that you don’t understand where it leads. They often lead to web-sites where hackers steal users’ data (ex. logins, passwords, payment cards details, phone numbers etc.).

Attachments can contain malicious code which can give remote control over your device to a hacker or steal sensitive information etc.

If you are not sure about the sender and you don’t expect a message with a link or an attachment, then you’d better not open it. Or you can contact the sender to find out if they send something or not.

  1. The message causes a feeling of emergency.

The usual strategy of spammers it to cause a feeling of emergency. They can write that you account was compromised or somebody tried to gain access to it, and you need to change a password immediately. A user starts worrying and don’t think when following the link attached.

Fraudulent actors can also send messages requiring for personal information. It points out that something is wrong. Companies and officials don’t ask for personal information or credit cards details in e-mails.

You should check sender’s e-mail address once again. If there is a possibility, contact them to know whether they send this message or not.

To conclude, if you care for your data and your device, then check the sender’s name meticulously, their e-mail, be careful following links and downloading attachments. Be suspicion when there are a lot of mistakes in message, don’t follow your emotions if the message causes the feeling of emergency or you are promised to get a lot of money in exchange for a small sum.

Important publications

What is UBA? 6 August 2019
What is DLP systems? 13 February 2019