5 Worst Email Scams Of 2014 You Should Be Aware Of

Matthew Hughes 03-06-2014

Why work, when you can make a living through deception, fraud and generally shady behavior, right? Wrong. Dead wrong.


I’ll be honest, I don’t like Internet fraudsters. I really don’t. They try to take advantage of the trusting nature of honest, decent people in order to make a quick buck. And I don’t respect that.

The best way to beat these scams is to be aware of them. With that in mind, here’s the five worst email scams of 2014. Take note.

BBC Lottery Scam

The BBC is one of the oldest, most respected, and best funded media institutions in the world, so it makes sense that people would try to piggyback off their reputation in order to make a quick buck. One e-mail scam doing the rounds at the moment informs the recipient that they have won the National Lottery.

Makes sense, right? I mean, the BBC is intimately linked to the National Lottery, and broadcast the weekly drawings. Only problem? The reader hasn’t won anything. It’s a hoax.

It also seems that this scam has also made its way to India, with one unfortunate man traveling 1700km in order to collect his winnings after having received an SMS congratulating him on having won 30 million rupees on the BBC National Lottery. It was, of course, a cruel hoax.


Student Finance England Scam

Student Finance England is the organization that distributes loans for tuition fees and living expenses for any English student enrolled in a course of tertiary education in the United Kingdom. Whilst tuition fees are usually sent direct to the university or college, maintenance loans and grants are delivered to the student.


To a fraudster, this represents an enticing target. Loans are often as much as £6000 per annum, dispersed in thirds each semester. So, unsurprisingly there’s a phishing e-mail taking advantage of this.

There are a couple of variants. Some send the victim to a site designed to mirror the Student Finance England site. Others ask for sufficient information to change the bank details of the victim.


On the whole, be careful of any emails purporting to be from Student Finance England and ensure that when you log into the site, you do from the official website.

NICE Cancer Hoax

This is one of the more odious scams I’ve came across whilst researching this piece. The way it works is pretty simple. You get an e-mail supposedly from the National Institute For Clinical Excellence (NICE) – the body which sets the standards in the UK’s hospitals.

The e-mail implies that you have been diagnosed with cancer, and encourages you to check out some test results attached. Those test results are actually a malicious executable file disguised as a PDF document How to Spot Unsafe Email Attachments: 6 Red Flags Reading an email should be safe, but attachments can be harmful. Look for these red flags to spot unsafe email attachments. Read More . Once opened, it harvests passwords from your computer and relays it back to a central server.

Horrible, right? Let’s be clear. No serious medical institution will ever give a diagnosis of cancer via e-mail. It’s just… Not done. Moreover, NICE don’t give diagnoses. It’s just not what they do. They’re basically the UKs analog to the FDA.


If you get this e-mail, don’t give it the time of day. Just delete it.

Netflix Support Scam

Okay, Netflix scammers. You’re obviously not very nice people, but I’ll give you points for creativity.

There are a couple of variants on this scam, but they generally follow this pattern. You get an e-mail saying your account has been disabled due to unauthorized access, and then get told to call a toll-free US number in order to unlock your account.

You are then informed that your account had been hacked due to not having ‘enhanced Netflix Security’ (no, I’m not making this up) installed on your computer. But, they can fix it! Well, a ‘Microsoft Certified Technician’ can fix it, but it’ll cost you, and you’ll have to let them remotely access your computer.


Sounds familiar? What Should You Do After Falling For A Fake IT Support Scam? Search for "fake tech support scam" and you will understand how common it is across the world. Some simple precautions after the event could help you feel less of a victim. Read More

Steam Guard Phishing Scam

This isn’t a run of the mill phishing scam. No sir. This one differs in a couple of ways. Firstly, it takes advantage of the built-in messaging system in Valve and then pretends to be the Steam Guard system which, ironically is designed to protect against phishing.


You are asked to send a copy of your SSFN file. You’ve probably never heard of it before, but it’s a crucial component of Steam, containing all the configuration values to identify your computer as trusted. With it, someone could easily purge your Steam account of anything of value. Scary, right?

So, how do protect against this? Well, simple really. You treat your SSFN file as you would treat a password, or your social security number, and never disclose it to anyone. Ever.

Protect Yourself

Horrible, right? Fortunately, you can protect yourself. Read up on Social Engineering, What Is Social Engineering? [MakeUseOf Explains] You can install the industry’s strongest and most expensive firewall. You can educate employees about basic security procedures and the importance of choosing strong passwords. You can even lock-down the server room - but how... Read More which is the type of attack used in these scams. In the past, we’ve also looked at how to report e-mail fraud to the authorities. How to Report Email Fraud and Spam to Authorities Here's how to report email fraud to the proper authorities, including governments, companies, and email services. Read More

Fallen victim to any of these scams? Drop me a line and let me know about it. Comments box is below.

Photo Credit: BBC Television Center (Mike Flemming), Student Loan (Simon Cunningham),  Deadseriou5 (stuad70) [Broken Link Removed]

Related topics: Email Tips, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Neal O
    September 23, 2014 at 4:14 am

    I had fallen to that Steam one recently due to some scammer sent me a link to a fake profile and boom. Got defrauded for over wallet funds and market stuff.

  2. Jerry C
    June 5, 2014 at 8:24 pm

    It seems that all of these scams are UK based. Is this the case or are they sent all over?? I always go through my spam emails because Yahoo put just about as many good emails in the spam file as they do my inbox. I usually go through them and see if there is anything good. I usually turn down around $50 million (US) each day to people that have cancer and have chosen lucky me to give all their money to. In addition, there are a whole bunch that tell me that I qualified for those grants from the Government that I never applied for. I'm pretty sure that all of these are scams. Either that or I really am giving up on an ass load of money that I could really use. LOL

  3. Dann A
    June 5, 2014 at 1:45 pm

    As a regular recipient of student loans, I can only imagine how difficult it would make life if someone nabbed them. That's awful! Glad to know about these—thanks for keeping us updated!

  4. Dee W
    June 4, 2014 at 10:01 pm

    OK, you youngsters quit badmouthing your granny, because I've been online since my modem was a special phone that sat on the corner of my desk (1989, thank you!) and I've not had a single virus, nor have I ever been taken in by a single scam, and I routinely get at least a hundred scam emails alone, and that doesn't include the run of the mill spam ones LOL.

    I spoke with an FBI agent friend about this very issue one time, and he said statistically, one in every ten thousand scam emails will result in someone actually being defrauded of at least a nominal amount of money. He went on to say that of that one in ten thousand, about another one in five hundred or so will lose a significant amount of money.

    Running these scammers to ground is almost impossible because almost all of them are in foreign countries and the law enforcement in most of the rest of the world isn't particularly interested in cooperating with an investigation.

    It used to be that computer ownership was limited to a fairly elite, pretty well educated and very small group of people. Now, anyone with $50 to spare can buy a smartphone and hop onto Facebook or other equally inane sites and read and spread a multitude of urban legends, respond to seventy five Nigerian scam emails, and....dare I say it? porn at their leisure. Any and all of those are pretty well guaranteed to cause someone who is not only not tech savvy but also not world savvy to find themselves in the midst of a problem of one sort or another.

    Then, your phone rings, and your friend wants you to fix it, preferably for free. If you don't want to do that, my advice is to not ever let anyone know that you possess the prerequisite knowledge to remedy their current FUBAR, as well as the twenty following ones. If you don't want to provide free tech support and don't want to be regarded as the biggest (insert-your-favorite-derogatory-term) on Earth, just do NOT let people know you know how to pop a cover, much less know what you're looking at once you do. It's a lot easier to be thought of as uninformed than as a heartless, inconsiderate (here's that favorite term again)...uh...person!

  5. Bud
    June 4, 2014 at 9:35 pm

    The old, yet well-known adage is this....."IF IT SOUNDS TO GOOD TO BE TRUE, THEN DELETE!!! ( sorry for the 'shout' )

  6. Victor O
    June 4, 2014 at 9:35 pm

    Hm... I think I may have fallen for the Steam one :( Any fix? It was a really long time ago, "Steam" asked me to send in a file to them...

  7. Mac W
    June 4, 2014 at 6:38 pm

    I know you can report to authorities in different countries or to the different companies but then you need to have all addresses and the forms are different ... I gave up and are nowadays just using for everything

  8. george
    June 4, 2014 at 3:54 pm

    you wrote: [it harvests passwords from your computer and relays it back to a central server.] Can it get passwords which I've told internet explorer to remember?

  9. Rob H
    June 4, 2014 at 1:08 pm

    The list of scams has grown so extensive as to no longer be useful, what's required is a simple set of uniquivocal guidelines even my Granny can cope with.
    The problem is that to keep it simple the rules have to be pretty extreme and reduce the benefit of having internet access. On the other hand succesfully compromising your PC and passwords can earn the crooks many thousands of pounds, possibly from you or your friends and family. That's a pretty good incentive to try very hard to break into even "just" your email account.

    Anyway, here's an attempt at that list!

    Never click on a link in an email.
    Never share any password with anyone.
    Never use the same password for multiple purposes.
    Never respond in any way to unsolicited emails or phone calls.
    Never download computer programs.
    Never open email attachments.
    Never use public WiFi connections.
    Sounds too harsh? Those prohibitions can be overridden if you are 100% certain that your decision is safe but first consider:
    are you qualified to make that assessment.
    99.99% certain isn't good enough.
    Are you running up to date commercial security suite in case you still make a bad judgement.

    Making the safe/unsafe assessment is sometimes easy, lets take as an example:
    "Never respond in any way to unsolicited emails or phone calls."
    I unexpectedly got an email (so: unsolicited)from Granny "Why do you never visit me you ungrateful little ****". Safe to reply (Because you're a miserable old witch).
    Email from Granny with a link to "Buy cheap Viagra". Dangerous to click, don't reply but do call Granny and help her through securing her email/PC (Unless she's been talking to my wife!). You might even "Reply all" (remove her address from the recipients) as the scammers are lazy and often send the same message to a list of contacts from the hacked account. Warn the others on the list that it's a scam.
    It's the middle ground that's risky. Granny sends an email "I thought you might like to see the attached photos." How can you tell it's not a hacker in her account and the attached zip is malware?

    You can help by making sure that when you send an email it's not got links or attachments because that normalises the risky behaviours. For example instead of "watch this video"" you could write: search Youtube for "How To Speed Tie a Necktie " or just Google for "Iw6fcE2YSng".

    Need to send a file? consider using Skype so sender and receiver can be in voice or video contact at the same time. Safe? well safer than email at least.

    Set up your own email account with two factor verification. It seems so complicated that very few users do set it up but surely as a MUO reader you're up the the task - and having got your head round it maybe set it up for your Granny.
    Similarly use a password vault and help less technical friends and family to do the same.

    Some email services (e.g. Gmail) employ some measures aimed at detecting malware attachments and scams but they are not successful enough to rely on. Gmail will even raise an alert if it looks as if your account has been hijacked and is being used to originate malware/spam. Hotmail has a way of reporting "I think my friends account has been hacked" if you identify a malware/spam mail coming from their account - a good idea except that it only works if both parties are hotmail users.

    On Friday I received an email from someone I know. The text was a bit odd and there was a link to "hear my voicemail message". Now we all know not to click links in emails don't we? Hovering over the link it showed an IP address as the web host: that's a dead giveaway that it's a malware site.
    So I phoned my friend. Before I could speak she said "Yes I know, my computer's got a virus. I've got a PC expert coming to fix it on Monday meanwhile I've switched everything off and unplugged it."
    It took me a while to persuade her that whilst she might have a virus, what she had certainly got was a hacker in her hotmail account. She kept saying "yes but the computer's unplugged", it took a bit of explaining that the account can be accessed from any computer. I explained that if she didn't get in and change the password or get hotmail to suspend the account, then the hacker could keep exploiting the account for at least the next 2 or 3 days, hopefully the expert would identify fix that as wall as any malware on her PC.

    • Robin S
      June 4, 2014 at 9:45 pm

      Excellent suggestions, Rob H; thanks!

  10. dragonmouth
    June 4, 2014 at 12:27 pm

    Just this morning I received an email notice that my iTunes account will be closed soon if I don't confirm certain details. An obvious and clumsy scam, since I never had an iTunes account. Let them close it. See if I care.

  11. Rob
    June 4, 2014 at 10:03 am

    These are horrible! I especially feel sorry for the bug who traveled so far for his lottery 'winnings'. Do they ever really manage to catch the people behind these scams?

  12. TxBlackLabel
    June 3, 2014 at 9:06 pm

    I have some clients that get the parcel postage email from one of the big carriers. I always have to remind them, it should just be a text email from the carriers, clicking on any zip file attachment, you're going to have a bad day.