Spam 101: what is spam, and how to defeat it

“Hello, this is your distant relative from Nigeria. I’m writing because I have a terminal illness and no other living relatives. My dying wish is to transfer my inheritance of $100 million to you while I still can…”

— we’ve all probably received an email like this at some point during our online existence. Originally known as “Nigerian prince” scams, today they bear the label “419” (after the section of the Nigerian Criminal Code dealing with fraud). These days, however, instead of a “Nigerian prince”, you’re more likely to receive a letter from a fake employee of a bank, online store, or delivery service — or even… the President of the United States.

This post looks at the most common types of spam emails, and explains what to do if one lands in your inbox.

Emails from investors, philanthropists, and other rich people

This is perhaps the oldest — and most common — email scam scenario. Even in 2025, benefactors of all stripes are queuing up to hand over their hard-earned cash to you in particular. Such emails are nothing if not formulaic: a fabulously rich individual (a) describes their source of wealth, (b) mentions a problem, and (c) proposes a solution. Let’s take a look at each step in turn:

• The source of wealth can be anything: an inheritance, an incredibly profitable business in a faraway land, or a discovered crypto wallet worth millions.
• The problem can also vary — from a fatal disease to a burning desire to donate everything to charity, and your help is needed.
• The solution is always the same: the money needs to be transferred to your account ASAP.

Of course, if you reply with your deepest condolences and bank details, it’s unlikely that the promised millions will materialize. Instead, the scammers will use every tool in the box to get you transfer cash to them. For example, this may take the form of a “transfer fee” they can’t pay themselves for some reason.

Don’t believe such an email, even if it seems to come from the U.S. president. Riding the wave of the Donald Trump phenomenon, spammers have launched a new-old scam in which they email potential victims pretending to be the White House incumbent, who for some reason has decided to give US$15 million to a handful of lucky souls around the world. To claim your millions, you only need to reply to the email, whereupon the fake Donald will ask you to follow a link and enter your bank details, or pay a fee to have the funds transferred to your account.

Delivery scams

Spam arrives from spoofed email addresses of delivery services, marketplaces, and online stores. The message is simplicity itself: “Dear customer, we are having problems with sending your goods and kindly ask that you pay a surcharge for delivery.” You’re asked to pay for delivery by following a link to a web page that asks for your bank details at the very least, and often also your home address. You can find examples of such spam in our Delivery payment fraud post.

There are more complex variations of this scheme. Just as “philanthropists”, “investors”, and “Nigerian princes” spin yarns about their imminent death from covid-19 as a pretext to make contact, delivery scammers also exploit current events. Last year, for instance, ahead of International Women’s Day, we warned readers of a flower delivery scam: cybervillains introduce themselves as flower-shop employees offering free bouquets — except that delivery charges are covered by the recipient. You guessed it: no one gets any flowers, and the “delivery fee” (as well as the bank card details) are lost.

Compensation scams

If you’ve swallowed the bait once, there’s a high risk you’ll be offered some more — but under a different guise. Masquerading as a bank, law enforcement agency, or international organization, scammers may offer to pay compensation: allegedly you’ve been the victim of fraud and the targeted institution is reaching out to those affected.

Alternatively, the senders of the fake email may pose as “fellow victims” who are seeking out others in the same boat: if we all chip in, they say, we can hire a merry band of Robin Hood hackers who, for a reward, will get all our money back.

Spammers can even pose as top managers of large banks. In this case, the email will weave a tale about how ~“… bad employees tried to steal your money, but we, the good managers, are ready to compensate you for the inconvenience.” But of course, there’ll be no compensation at all — it’s just a pretext for further extortion.

What to do if spam lands in your inbox

The first step is to identify it as such. Nowadays, most email clients automatically send unsolicited and suspicious messages to the Spam folder, but if one does sneak into your inbox, you need to identify it yourself. Carefully examine the text of the email for spelling and grammar mistakes, check the sender address, and ask yourself a few questions:

1. Is it relevant to me?
2. Why has a millionaire uncle I’ve never heard of suddenly got in touch?
3. Where did they get my email address?
4. Why should I pay to receive the money?

By answering these four questions honestly, you’ll know whether the email in front of you is spam or not. Here are our tips to reduce the amount of spam in your inbox:

• Don’t respond. Even if the sender wants to give you a million bucks, buy you a new smartphone, or help you get back something stolen.
• Don’t disclose personal information. Threat actors can scrape your name, phone number, and email address from a social network where you’ve kindly provided them yourself.
• Don’t follow suspicious links. It’s quite easy to distinguish real links from fake ones: our Passwords 101: don’t enter your passwords just anywhere they’re asked for post explains how. Easier still is to install reliable protection on all your devices: Kaspersky Premium automatically blocks redirects to malicious sites — keeping you safe.
• Don’t enter your data. If you impulsively followed a link in an email, or responded to the sender in some way, and now you’re having doubts, don’t under any circumstances enter personal or payment information. A request for such data is the same as hanging out a red flag saying “We are scammers!”
• Report fraud. Here are the instructions on how to report spam in Google Mail, and how to filter messages on Apple devices.