Email fraud is a type of scam that uses email to trick victims into revealing personal information or transferring funds to fraudulent accounts.
Email fraud refers to a variety of scams and malicious activities that are carried out through email. These attacks can range from simple advance-fee scams targeting unsuspecting individuals, to sophisticated business email compromise (BEC) attacks that aim to trick large accounting departments into paying fraudulent invoices. Email fraud attackers often use social engineering tactics, such as posing as a trusted authority figure or using urgent or emotionally charged language, to manipulate their victims into taking action detrimental to themselves or their organization.
There are many examples of email fraud, but one of the most notorious is the advance-fee scam, also known as the “Foreign Prince” email. In this scam, an individual posing as a wealthy prince promises to transfer a large sum of money to the victim’s account in exchange for a small upfront payment or transfer fee. Once the payment is made, the promised funds never materialize.
This scam has been around for centuries. Its origin can be traced back to the late 1800s, when it was known as the Spanish Prisoner scam. In this version, a con artist would contact victims claiming to be helping a wealthy Spanish prisoner escape, and promising a reward in exchange for a guard bribe fee.
The scam has evolved and will continue to evolve, but its underlying principle remains: promising something for nothing while taking advantage of people’s vulnerabilities.
Email fraud is a dangerous practice that has become increasingly common in today’s digital age. Attackers’ primary goal is typically to steal money or personal data, or both. They use a variety of tactics, such as phishing emails and scams, to trick victims into divulging sensitive information or transferring funds to fraudulent accounts. The effects of email fraud can be significant, ranging from financial losses to identity theft and reputational damage.
Email fraud can be tricky to spot, but common signals can include:
Although these are some common signs of an email scam, attackers have become increasingly sophisticated over time and have learned to craft convincing emails that are hard to detect. In particular, the increased availability of powerful machine-learning chatbots has enabled attackers to generate error-free email text at a higher rate than before.
Email fraud is here to stay, and cannot be eliminated completely by awareness training programs. However, there are several best practices and email security techniques that can help decrease the chances of a successful email fraud attack.