Scam emails about money have evolved past Nigerian prince clichés. The current generation looks exactly like real emails from real companies. Here is how to separate them.
The four most common money-related scam emails
1. The fake invoice
Email shows a recent "purchase" you did not make. Norton 360 for $399. Geek Squad renewal for $499. Often PayPal-themed. Asks you to "cancel" by clicking a link or calling a number.
The play: Panic-induced call to the scammer's "support line." They walk the victim through "refunding" the charge, which is actually wiring money or installing remote access software.
2. The fake bank fraud alert
"We detected suspicious activity on your account. Verify here." Looks like Chase, Bank of America, Wells Fargo, etc.
The play: Link goes to a fake bank login. Victim enters credentials. Scammer drains account.
3. The fake subscription renewal
"Your subscription will auto-renew tomorrow for $89.99." Asks to confirm or cancel via link.
The play: Same as fake invoice. Link or phone number is the trap.
4. The "package undeliverable, additional fee required"
USPS or FedEx-themed. "Your package needs a $2.99 redelivery fee."
The play: $2.99 is just to grab a credit card. The real charges hit later.
The five-step real-or-fake test
For any email asking for money or verification, run these in order:
Step 1: Check the sender's actual email address
Not the display name. The actual email after the < and >. Real Amazon emails are from @amazon.com. Real Chase from @chase.com. If the address is like "Chase Alert
On mobile, tap the sender name to expand the full email address.
Step 2: Hover over the links (do not click)
On a computer, hover the mouse over any link. The destination URL appears at the bottom. Does the domain match the company? "chase.com" is real. "chase-verify.support" is fake. "chase.somethingelse.com" is fake (the actual domain is whatever comes right before the .com).
On mobile, long-press the link to see the URL without opening it.
Step 3: Check your actual account
If the email says you bought something, log in to the real account (Amazon, your bank, etc.) by going there directly. Do not click the email link. Is the charge actually there? If not, the email is fake.
Step 4: Read the email carefully
Scams often have:
- Awkward grammar or odd word choice.
- Urgency language ("immediate action required," "within 24 hours").
- Threats ("your account will be suspended").
- Requests for unusual information.
Real banks and companies write more conservatively.
Step 5: When in doubt, call the company directly
Look up the company's customer service number from a previous bill or their official website. Call that. Ask if the email is real. Real companies are happy to verify; they want to help fight fraud.
The trap to avoid: "Reply to this email"
Never click "reply" to a suspicious email and ask "is this real?" The reply goes back to the scammer, who will of course say yes. Always look up the company's contact info independently.
What to do if your parent already responded
If they clicked the link and entered info:
- Change the password for the account they tried to log in to. Same for any account using a similar password.
- Call the bank's fraud line on the number on the back of the card. Freeze or replace the card if they entered payment info.
- Place a credit freeze with Experian, Equifax, and TransUnion if they entered SSN or birthdate.
- Watch the accounts for the next 60 days. Scammers often wait days or weeks to act.
- Report to FTC: reportfraud.ftc.gov.
The setup that prevents most of these
Three things to enable for your parent:
- Gmail's spam filter is excellent. If they are on Yahoo or AOL, consider a migration. The spam catch rate is dramatically better.
- Two-factor authentication on the email account. Even if a scammer gets the password, they cannot log in.
- The forwarding habit. Whenever an email looks weird, forward to a trusted family member or to Kinline at help@kinline.ai. We will tell them in seconds if it is real.
The card to print and hang next to their computer
Before clicking a link in any email asking for money:
1. Check the actual sender email address.
2. Hover over the link to see the real URL.
3. Log in to the real account directly. Is the charge actually there?
4. If unsure, forward the email to help@kinline.ai. We will tell you in seconds.
5. Never reply asking "is this real?"
For related scams, see fake delivery texts and our roundup of senior scams.