The most common spam emails in 2024 (2024)

Table of Contents
Why am I getting spam emails? Data breaches Accidental self-exposure Links in spam emails Most popular phishing and spam examples of 2024 Verify your Apple iCloud ID Beneficiary and inheritance scams Declined payment Your account has been locked Gift card scams McAfee alleged order scams Tax refund scams Fake HR scams Sextortion scams Package scams How to identify a junk message quickly Suspicious email addresses Legit email addresses of weird companies Foreign and mixed languages Personal data requests Sense of urgency Poor or nonsensical writing Impersonal delivery Too good to be true Wrapping up

In this article, we’ll talk about junk mail and list the most common spam email examples. We’ll provide answers as to why you receive junk mail in the first place, how to recognize it, and what are the most common spam emails.

Why am I getting spam emails?

Let’s take a look at some common methods that spammers use to obtain email addresses — and how to protect yourself from junk mail.

Data breaches

Many web services and mobile apps require an email address for signing up. When you create an account, your email goes into a list. Companies know how to send mass emails — they use this list for notifications and marketing materials. Then, data breaches happen, the entire contact lists with other personal data end up on sale. Finally, spammers use these lists to send malicious emails.

Even large corporations suffer from security breaches that may affect millions of people. For example, Ticketmaster recently confirmed “unauthorized activity”. The consequences of such breaches are way worse than receiving a bunch of annoying emails — if you’ve ever used Ticketmaster, hackers have your payment information as well.

No one can prevent such breaches, and the only way to protect yourself from them is to never sign up anywhere or use a temporary email service — and that’s not always possible. However, if you suddenly started receiving spam emails, checking if it’s because of a data breach can be useful. For example, you can change your password in a certain service or start treating incoming messages more prudently.

There are many websites and apps that check if your personal data has been compromised. Have I Been Pwned? is one of the most popular. It works like a search engine — just enter your email address and the service will look for a match in its database of exposed data. If your address was found in a breach, you’ll get a message along with the list of incidents.

As you can see, you don’t even have to sign up on suspicious websites to get your email address breached to spammers. In my case, these were the apps I used for work purposes.

Accidental self-exposure

Data breaches are not the only source for spam mail. Spammers use publicly available information that users expose themselves on social media and forums.For example, you wrote something like “Contact me at [emailprotected]” or made your address available for other users on a job search website — online activities like these make you a target for email harvesting.

Even if you absolutely need to publish your email address online, you still can prevent self-exposure and loads of spam in your inbox. Here are some ways to do this:

  • Change your privacy settings on social media
  • Give your email address in private messages instead of comments
  • Create a fake email address like [emailprotected] — that way, your personal data will remain unaffected and your personal inbox will be free from unwanted messages

Links in spam emails

Sometimes spam emails have an unsubscribe link — like this one:

Clicking on this usually barely noticeable link won’t lead you to less spam — if anything, you’ll get more spam in return. Spammers use fake unsubscribe links to verify that your email account is active. It’s often done as a part of dictionary attacks — spammers basically guess which addresses exist and send emails for a ping. By clicking an unsubscribe link in a spam email, you’re basically saying “Hey, this address is real and I’m using it actively, please send me more emails!”. This information will go further, and you’ll get spam bombed. Such links may also lead to compromised websites used for phishing or installing dangerous software on your device.

Long story short, clicking on unsubscribe links in spam emails or responding to them is dangerous. That’s why if you come across a suspicious email, just delete it from your inbox. You can also flag such emails as spam if the filter didn’t catch them — this will protect you from receiving more emails from the same address.

Most popular phishing and spam examples of 2024

In December 2023, spam emails accounted for 46% of total email traffic — and most of it is malicious like phishing, malware or ransomware. Junk mail is not only annoying — interacting with these emails results in financial losses and identity theft.

We’ve picked 10 most popular email fraud schemes you can find in your inbox. Some of them are old, others are relatively recent.

Verify your Apple iCloud ID

These fake emails from Apple ask you to verify your account because it was put on hold for various reasons. But it’s a phishing attempt. If you click the link, you will be redirected to a fake Apple website that will steal your account information.

Source: r/Scams on Reddit

In this case, the generic greeting is what gives the scam away. Legit emails from businesses always start with your name or the moniker you used for the account.

Beneficiary and inheritance scams

This phishing scheme has been quite popular for a long time. I remember getting dozens of those in my spam folder pretty well, both in English and in my native language (poorly translated via Google, obviously). The general gist is the following: someone claims that you either inherited a lot of money or you’re entitled to the money from an unknown beneficiary fund. Then, they’ll ask you for personal data — but not for sending you the money. Yet another “too good to be true” scheme, classic.

Source: MalwareTips Forums

Declined payment

It’s another type of phishing scam. These spam emails claim that your payment was declined, and you need to update the billing information — otherwise, your account will be disabled. But once you click the link in the email, you’ll be redirected to a phishing website.

Here’s a textbook example of this type of spam emails — looks pretty legit, by the way, we’re impressed! The only giveaway is slightly odd phrasing, and maybe one lowercase letter after a full stop.

Source: XFinity forums

Your account has been locked

In this phishing scheme, spammers convince you that your account was suspended or limited for security-related reasons. To reactivate your account, you need to log in again using the link from the email. Then, like in other similar scams, spammers will steal your money or identity.

Scammers who use this scheme can impersonate various services — here’s an example of a fake Amazon email:

See Also
How to Check if an Email is Valid: 5 MethodsAll You Need to Know About Spam Emails

Source: r/Scams on Reddit

You can tell it’s not a legitimate email because of the email address — a legit email from Amazon would be sent from the @amazon.com domain. The email design is also a giveaway: Amazon emails are not entirely plain-text and contain the company logo and buttons instead of hyperlinks.

Gift card scams

This is a less popular phishing scam but it’s still good to know about — even tech-savvy users can fall for it. The scammers adopting this scheme send you emails pretending to be your boss or the CEO of your company, asking you to buy one or several gift cards for different purposes. Then, they’ll ask you for codes, PINs, and other data that will let them use the cards. The scammers may promise that they’ll pay you back — but they obviously won’t.

Here’s a relatively fresh example I found on Reddit:

The Reddit user caught the scammer because they misspelled the name of the user’s boss. Source: r/Scams on Reddit

McAfee alleged order scams

One of the recent phishing schemes that gained popularity in 2023 is emails impersonating McAfee — yes, the antivirus. These usually imitate transactional emails that notify about buying or renewing a subscription, except you’ve never ordered anything. In these emails, there will be a helpline number or a hyperlink to cancel the alleged transaction… And this is how scammers will lure you into giving away the credit card information.

Source: r/Scams on Reddit

Tax refund scams

This phishing scheme involves sending fake government emails that promise you a tax return. The link in the email redirects you to a website that seems to be legitimate but steals your personal and financial information.

Fake tax refund emails can look like this:

Source: r/Scams on Reddit

If you received a tax refund email like this, take a look at the email address first. For example, this email pretends to be the one from IRS, which is a legit organization in the United States. However, the real IRS domain is @irs.gov — and what is this “irs-support” domain? You guessed it, a scam.

Fake HR scams

Fake emails from the HR department are a part of a relatively new phishing scheme that became a trend in 2023. The scheme involves sending email notifications from HR departments — to sound more convincing, scammers may use LinkedIn to find out where you’re currently working. In these emails, the fake HR will often ask you to update or verify the employee data, and give you a link where you can do so. However, this is a phishing link. Even worse, since you’ll probably use the work email and password for “verification”, such emails also threaten the organization, not just individuals.

Here’s a great example I found on PCRisk, a cybersecurity resource updating users on recent threats, including current email scams.

Source: PCRisk

Sextortion scams

This email scam is one of the oldest, and it’s still relevant in 2024. It usually involves a scammer describing certain incriminating activities they saw and recorded you doing, and asking you for money (usually bitcoin) in exchange for keeping the videos in secret. To sound more legit and frightening, scammers may include your personal information like your real social media accounts and so on.

This year, a new “leitmotif” in sextortion emails appeared — scammers started mentioning Pegasus, the military software for iOS and Android mostly used for spying on independent journalists and opposition activists. The baseline plot is still the same though, just with an extra detail that the scammer obtained the incriminating media via Pegasus. Here’s an example:

Source: r/Scams on Reddit

Although Pegasus is not an urban legend and such emails can be downright terrifying, here’s a thing to remember — you’re not that big of a target to get your phone infected by military spyware. And if you are, let’s say, an activist, and you actually got infected, the people who did it would be more interested in your message history than watching you touch yourself. They wouldn’t notify you about the infection as well.

Package scams

This phishing scheme has emerged during the COVID-19 pandemic and remains relevant to this day. Spammers send fake emails from delivery services like FedEx or UPS — like the one below:

Note the lack of personalization: dear who exactly? Source: r/Scams on Reddit

Of course you shouldn’t click the link to “update” your address — you’ll become the victim of phishing.

Here’s another variation of the scam — instead of a “failed delivery” notification, you may receive an almost legit email that looks like this:

Note the weird layout and the off-brand purple and orange colors. Also, FedEx tracking codes have a different format, and the company doesn’t do calendar notifications. Source: r/Scams on Reddit

We didn’t cover all the possible email fraud schemes — we listed 10 most common spam and phishing emails. But what if you received an email that doesn’t fall under any of these categories?

How to identify a junk message quickly

Modern email apps have spam filters. For example, Gmail uses a neural net system that learns to separate junk mail from regular emails. But even AI is not infallible. Sometimes Gmail mistakes social media notifications or just emails with links and attachments for spam — and vice versa. That’s why we give you these key features of junk mail to look for.

Suspicious email addresses

Pay attention to any unfamiliar addresses in your inbox. But just because you don’t know it doesn’t mean it’s a spam email. Here’s the list of red flags in email addresses:

  • Random numbers and letters like [emailprotected].
  • Public email domain, especially if it’s a message from an organization — gmail.com, yahoo.com, etc. Keep in mind that businesses use their own domains.
  • Typos or extra symbols in a company domain like @amazonhelp.art instead of @amazon.com.
  • “Donotreply” or other variations instead of the standard “no-reply” address for automated notifications.

But some spammers learned how to plausibly imitate corporate emails — or, even worse, use legit addresses of different organizations to send spam.

Legit email addresses of weird companies

That’s a relatively new trick spammers use. I started noticing the first instances of such spam in early 2023, and, by May 2024, most of my spam folder content looks like this:

Calgary Co-op is a legit company — I’ve never contacted it for any purpose though

Here’s how it works: spammers sign up for newsletters or leave requests at legit business helpdesks, and put a phishing link and a message (usually about winning a lottery) instead of a username or a message. Spammers will also use your email address as the contact info. So, it will look like you received a regular transactional email or a newsletter issue from a real organization — except you’ve never subscribed to this service or requested help at this helpdesk.

In 2023, the method was so effective that these emails didn’t even end up in spam — they showed up in the primary inbox. Now, the filters adapted to the method, and such emails do end up in spam. However, if they don’t, pay attention to transactional or marketing messages from brands you’ve never interacted with: chances are, these are spam.

Foreign and mixed languages

This feature is related to the previous one. Quite often, those spammers sending emails via other companies’ newsletters and support systems use random companies that don’t even reside in your country. For example, they may use Japanese businesses while targeting English-speaking victims.

Source: r/Scams on Reddit

Spam filters in Gmail are actually trained to discover messages in mixed languages or languages you yourself don’t usually communicate in. However, if one of these slipped in your primary inbox, think of this: if the company was actually talking to you, would it use the language you can’t understand without Google Translate?

But okay, let’s say, none of the above describe your email in question — what about the content itself? One reason to get suspicious is requests for personal information.

Personal data requests

Many businesses deal with personal data such as credit card information. For example, this is an email from Benchmark about cybersecurity concerns:

Source: Really Good Emails

An important detail here is that Benchmark doesn’t ask the client to reply with personal data. Instead, the sender asks them to fill in the necessary information on the company’s website — unlike spammers:

Source: The Daily WTF

This example is an obvious scam and “Douglas” asks for relatively harmless data. But some spammers will ask you for credit card information or passwords. Keep in mind that, for example, bank employees will never ask you for the CVV code. That’s why any personal data request, even as innocent as the one above, is a major red flag.

Sense of urgency

Creating a sense of urgency and appealing to FOMO is a common manipulation tactic in advertising. For example, take a look at this last chance email from Barnes & Noble:

Source: Really Good Emails

In this email, Barnes & Noble offers a personalized book selection and a 15% discount that is active for a short time period. They use urgency since the offer is limited — but not like this:

This spam email uses an indefinite time period instead of the precise expiration date to create the sense of urgency, all caps, multiple exclamation marks, and too many words like “limited” and “offer”. Such messages usually have clickbait email headers with the same words written in all caps and with excessive punctuation. Legit companies don’t introduce clients to limited offers using such blunt techniques.

But there’s one more sketchy detail — poor grammar at the end of the email. It brings us to the next junk mail feature — bad writing.

Poor or nonsensical writing

When it comes to poor writing in spam emails, most people recall the infamous Nigerian scam. It started before the internet — people received letters from Nigerian royals or businessmen that asked for help with transferring money. Later it switched to digital and became more inventive with plots — for example, Nigerian princes turned into Russian entrepreneurs.

Take a look at this classic Nigerian scam email:

Source: ResearchGate

Nigerian scam emails were poorly written to look more convincing — their senders didn’t speak English as their first language. But other email scammers also write with typos, extra blank spaces, and odd phrasing — for different reasons:

  • Machine translation. Weird syntax and word choices might be the result of bad machine translation. If scammers appeal to a larger audience, they won’t spend time writing messages in different languages from scratch.
  • Filtering the audience. Cormac Herley, a researcher from Microsoft, suggested that bad grammar and comical stories in Nigerian scam emails are designed to filter their readers. Smarter people won’t sit through an email full of typos — but the most gullible audience will.
  • Tricking spam filters. It doesn’t work with modern spam filters — but historically, spammers deliberately misspelled words so they could slip into your inbox. Now, poor writing triggers AI-based filters instead of fooling them.

There is a different way of tricking spam filters though, which involves sending you an email that is basically a pile of word and number vomit. This trick is called Bayesian poisoning — spammers “confuse” probability-based filters so they start labeling innocent words as spam and letting their emails right into the primary inbox.

Need I say, you shouldn’t open the attachment?

Source: Reddit

Impersonal delivery

According to Campaign Monitor, personalized emails increase sales by 20%. And personalization is not only about data-driven customization of offers — it’s also about the language. Businesses include clients’ names even in formal notification emails — like this one from Amazon:

Source: Really Good Emails

Spammers can imitate such notification emails in a pretty convincing way — except for one small detail. Compare our previous example to this fake Amazon email:

Source: Forbes

Even if fake emails imitate notifications from large companies, they have generic greetings like “Dear Customer/Client” or “Dear Sir/Madam”. But this, like the features we mentioned earlier, doesn’t have a lot to do with the email content itself. What about it?

Too good to be true

Some spam emails will promise you a reward for clicking a link, downloading an attachment, or sending personal information. It can be a ridiculous amount of money or any other bonus from a company or even a celebrity. But the thing is, if it’s too good to be true, it’s likely a lie. For example, this email is definitely not from Mark Zuckerberg.

Source: Essential IT Solutions

These are the most prominent features of junk mail. If you come across any of these in the new email, do the following:

  • don’t click on any links, download attachments, or respond;
  • mark this email as “Spam” so you wouldn’t receive more junk mail from the same sender — or delete it from your inbox.

Wrapping up

Spam emails might seem funny and clumsy but they are dangerous — phishing leads to loss of money and possible identity theft. Scammers get more inventive with their schemes — that’s why it’s important to know the key features of junk mail and never interact with such emails for the sake of your safety.

Some of the common spam emails are:

  • Fake Apple ID account verification
  • Beneficiary and inheritance scams
  • Declined payment emails
  • Account suspension notifications
  • Gift card scams
  • McAfee fake subscription purchase or renewal scams
  • Fake tax refund emails
  • Messages from fake HRs asking you to verify employee data
  • Sextortion scams involving cryptocurrency and mentioning spyware on your devices
  • Fake package delivery notifications
The most common spam emails in 2024 (2024)
Top Articles
New Jersey Life & Health Insurance License Class & Exam Prep
Gold vs other assets: average 20-year returns 2023 | Statista
9.4: Resonance Lewis Structures
How To Fix Epson Printer Error Code 0x9e
Joi Databas
Skyward Houston County
DPhil Research - List of thesis titles
Time in Baltimore, Maryland, United States now
Best Big Jumpshot 2K23
Kansas Craigslist Free Stuff
Tv Guide Bay Area No Cable
Plus Portals Stscg
Routing Number 041203824
Www.megaredrewards.com
Weapons Storehouse Nyt Crossword
Pwc Transparency Report
Hallelu-JaH - Psalm 119 - inleiding
10 Great Things You Might Know Troy McClure From | Topless Robot
A Guide to Common New England Home Styles
Industry Talk: Im Gespräch mit den Machern von Magicseaweed
Lax Arrivals Volaris
Ts Lillydoll
Vermont Craigs List
Rondom Ajax: ME grijpt in tijdens protest Ajax-fans bij hoofdbureau politie
Craigslist Sparta Nj
Site : Storagealamogordo.com Easy Call
How To Level Up Roc Rlcraft
Catherine Christiane Cruz
Culver's Flavor Of The Day Taylor Dr
Winco Employee Handbook 2022
Amazing Lash Studio Casa Linda
The Tower and Major Arcana Tarot Combinations: What They Mean - Eclectic Witchcraft
Ecampus Scps Login
Turbo Tenant Renter Login
Pioneer Library Overdrive
Carroway Funeral Home Obituaries Lufkin
Town South Swim Club
Despacito Justin Bieber Lyrics
Reborn Rich Ep 12 Eng Sub
Leatherwall Ll Classifieds
Plead Irksomely Crossword
Craigslist Com Panama City Fl
Seven Rotten Tomatoes
Tattoo Shops In Ocean City Nj
Television Archive News Search Service
St Vrain Schoology
Craigslist St Helens
Muni Metro Schedule
Join MileSplit to get access to the latest news, films, and events!
Ciara Rose Scalia-Hirschman
Mazda 3 Depreciation
Latest Posts
How to Make 70% Isopropyl Alcohol from 99% Isopropyl Alcohol
10 years ago a Wall Street firm with $400 billion in assets collapsed. Why Bear Stearns could happen again
Article information

Author: Kelle Weber

Last Updated:

Views: 6308

Rating: 4.2 / 5 (53 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Kelle Weber

Birthday: 2000-08-05

Address: 6796 Juan Square, Markfort, MN 58988

Phone: +8215934114615

Job: Hospitality Director

Hobby: tabletop games, Foreign language learning, Leather crafting, Horseback riding, Swimming, Knapping, Handball

Introduction: My name is Kelle Weber, I am a magnificent, enchanting, fair, joyous, light, determined, joyous person who loves writing and wants to share my knowledge and understanding with you.