Most Common Spam Emails You Can Encounter in 2024

01 July, 2024
by Doris Day

In this article, we’ll talk about junk mail and list the most common spam email examples. We’ll explain why you receive junk mail in the first place, how to recognize it, and which spam emails you are most likely to see.

Why am I getting spam emails?

Let’s take a look at some common methods that spammers use to obtain email addresses — and how to protect yourself from junk mail.

Data breaches

Many web services and mobile apps require an email address for signing up. When you create an account, your email goes into a list. Companies know how to send mass emails — they use this list for notifications and marketing materials. Then a data breach happens, and entire contact lists end up on sale along with other personal data. Finally, spammers use these lists to send malicious emails.

Even large corporations suffer from security breaches that may affect millions of people. For example, Ticketmaster recently confirmed “unauthorized activity”. The consequences of such breaches are way worse than receiving a bunch of annoying emails — if you’ve ever used Ticketmaster, hackers have your payment information as well.

No one can prevent such breaches, and the only way to protect yourself from them is to never sign up anywhere or use a temporary email service — and that’s not always possible. However, if you suddenly started receiving spam emails, checking if it’s because of a data breach can be useful. For example, you can change your password in a certain service or start treating incoming messages more prudently.

There are many websites and apps that check if your personal data has been compromised. Have I Been Pwned? is one of the most popular. It works like a search engine — just enter your email address and the service will look for a match in its database of exposed data. If your address was found in a breach, you’ll get a message along with the list of incidents.

Have I Been Pwned? screenshot that shows the result of a check: Trello and Canva user data breaches are described
As you can see, you don’t even have to sign up on suspicious websites to have your email address leaked to spammers. In my case, these were the apps I used for work purposes.

Accidental self-exposure

Data breaches are not the only source of spam mail. Spammers also use publicly available information that users themselves expose on social media and forums. For example, you wrote something like “Contact me at [email protected]” or made your address available for other users on a job search website — online activities like these make you a target for email harvesting.

Even if you absolutely need to publish your email address online, you still can prevent self-exposure and loads of spam in your inbox. Here are some ways to do this:

  • Change your privacy settings on social media
  • Give your email address in private messages instead of comments
  • Create a fake email address like [email protected] — that way, your personal data will remain unaffected and your personal inbox will be free from unwanted messages

Links in spam emails

Sometimes spam emails have an unsubscribe link — like this one:

Spam email that has an unsubscribe link “Go here to be removed forever”

Clicking on this usually barely noticeable link won’t lead you to less spam — if anything, you’ll get more spam in return. Spammers use fake unsubscribe links to verify that your email account is active. It’s often done as a part of dictionary attacks — spammers basically guess which addresses exist and send emails for a ping. By clicking an unsubscribe link in a spam email, you’re basically saying “Hey, this address is real and I’m using it actively, please send me more emails!”. This information will go further, and you’ll get spam bombed. Such links may also lead to compromised websites used for phishing or installing dangerous software on your device. 

Long story short, clicking on unsubscribe links in spam emails or responding to them is dangerous. That’s why if you come across a suspicious email, just delete it from your inbox. You can also flag such emails as spam if the filter didn’t catch them — this will protect you from receiving more emails from the same address.

Most popular phishing and spam examples of 2024

In December 2023, spam emails accounted for 46% of total email traffic — and most of it is malicious like phishing, malware or ransomware. Junk mail is not only annoying — interacting with these emails results in financial losses and identity theft. 

We’ve picked the 10 most popular email fraud schemes you can find in your inbox. Some of them are old, others are relatively recent.

Verify your Apple iCloud ID

These fake emails from Apple ask you to verify your account because it was put on hold for various reasons. But it’s a phishing attempt. If you click the link, you will be redirected to a fake Apple website that will steal your account information. 

Apple scam email telling you that they disabled your Apple ID due to policy violation, asking you to verify the account
Source: r/Scams on Reddit

In this case, the generic greeting is what gives the scam away. Legit emails from businesses always start with your name or the moniker you used for the account. 

Beneficiary and inheritance scams

This phishing scheme has been quite popular for a long time. I remember getting dozens of those in my spam folder pretty well, both in English and in my native language (poorly translated via Google, obviously). The general gist is the following: someone claims that you either inherited a lot of money or you’re entitled to the money from an unknown beneficiary fund. Then, they’ll ask you for personal data — but not for sending you the money. Yet another “too good to be true” scheme, classic.

Beneficiary email scam example that promises a million dollars transferred to your designated bank account
Source: MalwareTips Forums

Declined payment

It’s another type of phishing scam. These spam emails claim that your payment was declined, and you need to update the billing information — otherwise, your account will be disabled. But once you click the link in the email, you’ll be redirected to a phishing website. 

Here’s a textbook example of this type of spam emails — looks pretty legit, by the way, we’re impressed! The only giveaway is slightly odd phrasing, and maybe one lowercase letter after a full stop.

XFinity update the billing information scam email that is surprisingly well-written and looks convincing
Source: XFinity forums

Your account has been locked

In this phishing scheme, spammers convince you that your account was suspended or limited for security-related reasons. To reactivate your account, you need to log in again using the link from the email. Then, like in other similar scams, spammers will steal your money or identity. 

Scammers who use this scheme can impersonate various services — here’s an example of a fake Amazon email:

Spam email from Amazon claiming that the account has been locked and you need to take immediate action using an email hyperlink, which leads to a phishing website
Source: r/Scams on Reddit

You can tell it’s not a legitimate email because of the email address — a legit email from Amazon would be sent from the @amazon.com domain. The email design is also a giveaway: Amazon emails are not entirely plain-text and contain the company logo and buttons instead of hyperlinks.

Gift card scams

This is a less popular phishing scam but it’s still good to know about — even tech-savvy users can fall for it. The scammers adopting this scheme send you emails pretending to be your boss or the CEO of your company, asking you to buy one or several gift cards for different purposes. Then, they’ll ask you for codes, PINs, and other data that will let them use the cards. The scammers may promise that they’ll pay you back — but they obviously won’t.

Here’s a relatively fresh example I found on Reddit:

Gift scam
The Reddit user caught the scammer because they misspelled the name of the user’s boss. Source: r/Scams on Reddit

McAfee alleged order scams

One of the recent phishing schemes that gained popularity in 2023 is emails impersonating McAfee — yes, the antivirus. These usually imitate transactional emails that notify about buying or renewing a subscription, except you’ve never ordered anything. In these emails, there will be a helpline number or a hyperlink to cancel the alleged transaction… And this is how scammers will lure you into giving away the credit card information.

Fake McAfee email that confirms the alleged order that costs $722.18 and offers calling a helpline to cancel the auto upgrade
Source: r/Scams on Reddit

Tax refund scams

This phishing scheme involves sending fake government emails that promise you a tax return. The link in the email redirects you to a website that seems to be legitimate but steals your personal and financial information.

Fake tax refund emails can look like this:

A fake IRS email promising a tax return of $650
Source: r/Scams on Reddit

If you received a tax refund email like this, take a look at the email address first. For example, this email pretends to be the one from IRS, which is a legit organization in the United States. However, the real IRS domain is @irs.gov — and what is this “irs-support” domain? You guessed it, a scam.

Fake HR scams

Fake emails from the HR department are a part of a relatively new phishing scheme that became a trend in 2023. The scheme involves sending email notifications from HR departments — to sound more convincing, scammers may use LinkedIn to find out where you’re currently working. In these emails, the fake HR will often ask you to update or verify the employee data, and give you a link where you can do so. However, this is a phishing link. Even worse, since you’ll probably use the work email and password for “verification”, such emails also threaten the organization, not just individuals. 

Here’s a great example I found on PCRisk, a cybersecurity resource updating users on recent threats, including current email scams.

Fake HR email inviting employees to check the memo and giving a phishing link
Source: PCRisk

Sextortion scams

This email scam is one of the oldest, and it’s still relevant in 2024. It usually involves a scammer describing certain incriminating activities they saw and recorded you doing, and asking you for money (usually bitcoin) in exchange for keeping the videos secret. To sound more legit and frightening, scammers may include your personal information like your real social media accounts and so on.

This year, a new “leitmotif” in sextortion emails appeared — scammers started mentioning Pegasus, the military software for iOS and Android mostly used for spying on independent journalists and opposition activists. The baseline plot is still the same though, just with an extra detail that the scammer obtained the incriminating media via Pegasus. Here’s an example:

Pegasus sextortion email where the scammer claims to have gained access to the recipient’s device via spyware and recorded a video of the recipient masturbating to porn
Source: r/Scams on Reddit

Although Pegasus is not an urban legend and such emails can be downright terrifying, here’s a thing to remember — you’re not that big of a target to get your phone infected by military spyware. And if you are, let’s say, an activist, and you actually got infected, the people who did it would be more interested in your message history than watching you touch yourself. They wouldn’t notify you about the infection either.

Package scams

This phishing scheme emerged during the COVID-19 pandemic and remains relevant to this day. Spammers send fake emails from delivery services like FedEx or UPS — like the one below:

Fake FedEx email notifying you that the package can’t be delivered due to incomplete information of your “physcial” address
Note the lack of personalization: dear who exactly? Source: r/Scams on Reddit

Of course you shouldn’t click the link to “update” your address — you’ll become the victim of phishing. 

Here’s another variation of the scam — instead of a “failed delivery” notification, you may receive an almost legit email that looks like this:

Fake FedEx email with a weird layout, colors not fitting the branding, and the tracking code not fitting the FedEx format
Note the weird layout and the off-brand purple and orange colors. Also, FedEx tracking codes have a different format, and the company doesn’t do calendar notifications. Source: r/Scams on Reddit

We didn’t cover all the possible email fraud schemes — we listed the 10 most common spam and phishing emails. But what if you received an email that doesn’t fall under any of these categories?

How to identify a junk message quickly

Modern email apps have spam filters. For example, Gmail uses a neural net system that learns to separate junk mail from regular emails. But even AI is not infallible. Sometimes Gmail mistakes social media notifications or just emails with links and attachments for spam — and vice versa. That’s why we give you these key features of junk mail to look for.

Suspicious email addresses

Pay attention to any unfamiliar addresses in your inbox. But just because you don’t know it doesn’t mean it’s a spam email. Here’s the list of red flags in email addresses:

  • Random numbers and letters like [email protected].
  • Public email domain, especially if it’s a message from an organization — gmail.com, yahoo.com, etc. Keep in mind that businesses use their own domains.
  • Typos or extra symbols in a company domain like @amazonhelp.art instead of @amazon.com.
  • “Donotreply” or other variations instead of the standard “no-reply” address for automated notifications.

But some spammers learned how to plausibly imitate corporate emails — or, even worse, use legit addresses of different organizations to send spam.
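The address red flags listed above can be checked mechanically against a From: header. The Python sketch below is an added example, not part of the original article; the brand-to-domain map, the public-provider list, the thresholds and the sample headers are constructed assumptions.

```python
import re
from email.utils import parseaddr

# Assumptions for this sketch (not from the article): a short list of public
# mailbox providers and a map of brand name -> domains the brand really uses.
PUBLIC_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
BRAND_DOMAINS = {"amazon": {"amazon.com"}, "irs": {"irs.gov"}, "fedex": {"fedex.com"}}


def _tokens(text):
    """Lowercase alphanumeric tokens: 'irs-support.example' -> irs, support, example."""
    return [t for t in re.split(r"[^a-z0-9]+", text.lower()) if t]


def _looks_random(local):
    """Assumed thresholds: digit-heavy, or long with hardly any vowels."""
    letters = [c for c in local if c.isalpha()]
    digits = sum(c.isdigit() for c in local)
    if len(local) >= 8 and digits / len(local) >= 0.3:
        return True
    vowels = sum(c in "aeiou" for c in letters)
    return len(letters) >= 8 and vowels / len(letters) < 0.2


def address_red_flags(from_header):
    """Return the red flags found in one From: header value."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ["unparseable address"]
    local, domain = addr.lower().rsplit("@", 1)
    flags = []
    if _looks_random(local):
        flags.append("random-looking mailbox name")
    # "Donotreply" variants, which the article lists as a red flag.
    if re.match(r"do(not|nt)reply", re.sub(r"[^a-z]", "", local)):
        flags.append("donotreply-style mailbox")
    for brand, legit in BRAND_DOMAINS.items():
        in_display = any(t.startswith(brand) for t in _tokens(display))
        in_domain = any(t.startswith(brand) for t in _tokens(domain))
        if not (in_display or in_domain):
            continue
        if any(domain == d or domain.endswith("." + d) for d in legit):
            continue  # really sent from the brand's own domain
        if domain in PUBLIC_DOMAINS:
            flags.append(f"{brand}: organization name on a public mailbox domain")
        else:
            flags.append(f"{brand}: sender domain is not the brand's own")
    return flags


# Constructed sample headers, not taken from real messages.
SAMPLES = [
    '"Amazon Support" <account-update@amazonhelp.art>',
    '"IRS Refunds" <donotreply@irs-support.example>',
    '"FedEx Delivery" <fedex.notice@gmail.com>',
    "x7k2q9zt41@mailbox.example",
    '"Amazon.com" <auto-confirm@amazon.com>',
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", address_red_flags(header) or "no flags")
```

A clean result only means the address itself shows none of these signs; it says nothing about mail sent through a legitimate organization's own systems.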

Legit email addresses of weird companies

That’s a relatively new trick spammers use. I started noticing the first instances of such spam in early 2023, and, by May 2024, most of my spam folder content looks like this:

Spam email from Calgary Co-op, which is a legit company, but the scammy content is added to the user name, so the legit email from the real organization becomes spam
Calgary Co-op is a legit company — I’ve never contacted it for any purpose though

Here’s how it works: spammers sign up for newsletters or leave requests at legit business helpdesks, and put a phishing link and a message (usually about winning a lottery) instead of a username or a message. Spammers will also use your email address as the contact info. So, it will look like you received a regular transactional email or a newsletter issue from a real organization — except you’ve never subscribed to this service or requested help at this helpdesk.

In 2023, the method was so effective that these emails didn’t even end up in spam — they showed up in the primary inbox. Now, the filters adapted to the method, and such emails do end up in spam. However, if they don’t, pay attention to transactional or marketing messages from brands you’ve never interacted with: chances are, these are spam.

Foreign and mixed languages

This feature is related to the previous one. Quite often, those spammers sending emails via other companies’ newsletters and support systems use random companies that don’t even reside in your country. For example, they may use Japanese businesses while targeting English-speaking victims.

Email from a Japanese business with a phrase in English “Hi, this is Irina. I am sending you my intimate photos as I promised” and a phishing link, both may be used instead of a normal username or other info
Source: r/Scams on Reddit

Spam filters in Gmail are actually trained to discover messages in mixed languages or languages you yourself don’t usually communicate in. However, if one of these slipped into your primary inbox, think of this: if the company was actually talking to you, would it use a language you can’t understand without Google Translate?

But okay, let’s say, none of the above describe your email in question — what about the content itself? One reason to get suspicious is requests for personal information.

Personal data requests

Many businesses deal with personal data such as credit card information. For example, this is an email from Benchmark about cybersecurity concerns:

Benchmark email about credit card information
Source: Really Good Emails

An important detail here is that Benchmark doesn’t ask the client to reply with personal data. Instead, the sender asks them to fill in the necessary information on the company’s website — unlike spammers:

A spam email that asks for personal information
Source: The Daily WTF

This example is an obvious scam and “Douglas” asks for relatively harmless data. But some spammers will ask you for credit card information or passwords. Keep in mind that, for example, bank employees will never ask you for the CVV code. That’s why any personal data request, even as innocent as the one above, is a major red flag.

Sense of urgency

Creating a sense of urgency and appealing to FOMO is a common manipulation tactic in advertising. For example, take a look at this last chance email from Barnes & Noble:

A limited offer email from Barnes & Noble
Source: Really Good Emails

In this email, Barnes & Noble offers a personalized book selection and a 15% discount that is active for a short time period. They use urgency since the offer is limited — but not like this:

Urgency in spam emails example

This spam email uses an indefinite time period instead of the precise expiration date to create the sense of urgency, all caps, multiple exclamation marks, and too many words like “limited” and “offer”. Such messages usually have clickbait email headers with the same words written in all caps and with excessive punctuation. Legit companies don’t introduce clients to limited offers using such blunt techniques. 

But there’s one more sketchy detail — poor grammar at the end of the email. It brings us to the next junk mail feature — bad writing. 

Poor or nonsensical writing

When it comes to poor writing in spam emails, most people recall the infamous Nigerian scam. It started before the internet — people received letters from Nigerian royals or businessmen that asked for help with transferring money. Later it switched to digital and became more inventive with plots — for example, Nigerian princes turned into Russian entrepreneurs.

Take a look at this classic Nigerian scam email:

Nigerian prince scam email example
Source: ResearchGate

Nigerian scam emails were poorly written to look more convincing — their senders didn’t speak English as their first language. But other email scammers also write with typos, extra blank spaces, and odd phrasing — for different reasons:

  • Machine translation. Weird syntax and word choices might be the result of bad machine translation. If scammers appeal to a larger audience, they won’t spend time writing messages in different languages from scratch.
  • Filtering the audience. Cormac Herley, a researcher from Microsoft, suggested that bad grammar and comical stories in Nigerian scam emails are designed to filter their readers. Smarter people won’t sit through an email full of typos — but the most gullible audience will. 
  • Tricking spam filters. It doesn’t work with modern spam filters — but historically, spammers deliberately misspelled words so they could slip into your inbox. Now, poor writing triggers AI-based filters instead of fooling them.

There is a different way of tricking spam filters though, which involves sending you an email that is basically a pile of word and number vomit. This trick is called Bayesian poisoning — spammers “confuse” probability-based filters so they start labeling innocent words as spam and letting their emails right into the primary inbox.

Need I say, you shouldn’t open the attachment?

Spam email that contains random words and numbers
Source: Reddit

Impersonal delivery

According to Campaign Monitor, personalized emails increase sales by 20%. And personalization is not only about data-driven customization of offers — it’s also about the language. Businesses include clients’ names even in formal notification emails — like this one from Amazon:

Amazon notification email
Source: Really Good Emails

Spammers can imitate such notification emails in a pretty convincing way — except for one small detail. Compare our previous example to this fake Amazon email:

Amazon order confirmation scam email
Source: Forbes

Even if fake emails imitate notifications from large companies, they have generic greetings like “Dear Customer/Client” or “Dear Sir/Madam”. But this, like the features we mentioned earlier, doesn’t have a lot to do with the email content itself. What about it?

Too good to be true

Some spam emails will promise you a reward for clicking a link, downloading an attachment, or sending personal information. It can be a ridiculous amount of money or any other bonus from a company or even a celebrity. But the thing is, if it’s too good to be true, it’s likely a lie. For example, this email is definitely not from Mark Zuckerberg. 

A spam email from Mark Zuckerberg
Source: Essential IT Solutions

These are the most prominent features of junk mail. If you come across any of these in a new email, do the following:

  • don’t click on any links, download attachments, or respond;
  • mark this email as “Spam” so you don’t receive more junk mail from the same sender — or delete it from your inbox.

Wrapping up

Spam emails might seem funny and clumsy but they are dangerous — phishing leads to loss of money and possible identity theft. Scammers get more inventive with their schemes — that’s why it’s important to know the key features of junk mail and never interact with such emails for the sake of your safety.

Some of the common spam emails are:

  • Fake Apple ID account verification
  • Beneficiary and inheritance scams
  • Declined payment emails
  • Account suspension notifications
  • Gift card scams
  • McAfee fake subscription purchase or renewal scams
  • Fake tax refund emails
  • Messages from fake HRs asking you to verify employee data
  • Sextortion scams involving cryptocurrency and mentioning spyware on your devices
  • Fake package delivery notifications