Skip to Content
scammer targeting emails
© Yuri Arcurs | Dreamstime.com
Security & privacy

Email subject lines that scream, “This is a scam!”

Scam emails might have their roots in the ’90s, but they are flowering just as well in the 2020s — even Kim still has to deal with them. That seems only likely to speed up now that AI is helping them correct typos. But while we keep our eyes peeled for cutting-edge scam emails, there are some classics you want to be on the lookout for too.

Here are some all-too-familiar email subject lines to watch out for. They’re almost always scams.

Your delivery was unsuccessful

Home deliveries for online orders are more common now than ever, but that means we’re more used to missed order notices. Scammers love using this line as it can seem personal to anyone who shops online regularly. 

They’re after money, and no delivery service should need that before re-delivery. Delete.

Action required: Your Payment Was Declined

Scammers need a reason to get your attention and, more importantly, get you to do something. That could be something as simple as clicking a link or visiting a website. Declined payments aren’t common, but it is something you’ll need to do something about if true.

It’s probably not, but if in doubt, visit the website or payment provider directly.

RE: Anything

It’s an oldie but a goodie (for the scammers). Starting an email subject with the prefix “Re:” suggests that you’ve been in communication with this person previously and they’re just continuing the conversation. 

But they aren’t. They’re dirty scammers and we won’t be continuing that fictional conversation, no matter how interested we are.

Payroll has been delayed

Nobody likes being paid late, and any delay could be more than a hassle for anyone living paycheck to paycheck. Scammers rely on that fear with this particular scam email. 

Unless your boss usually contacts you via email when there’s a payment-related issue, steer clear of these.

Dropbox: Document shared with you

This one’s particularly insidious because document sharing via a cloud service is common. These emails can also look legitimate, making them hard to spot. Always hover over any buttons or links before clicking to check the URL in the bottom corner of the browser window. 

Better yet, ask the person who claims to be sharing the link with you if it’s legit before clicking.

Mail Notification: You have 5 Encrypted Messages

You might, but chances are, you don’t. Gmail doesn’t structure emails like this. Outlook doesn’t, and neither does Yahoo. You aren’t going to get an email telling you that you have emails unless your organization has a particular security tool to manage them. Check with your IT manager, or delete this one out of hand. It’s bogus.

Camp Lejeune class action lawsuit

You’ve likely heard ads on TV or radio about the Camp Lejeune class action lawsuit for U.S. military veterans and their families exposed to tainted water at the camp. Marketing agencies and law firms spent over $40 million advertising the case.

The Better Business Bureau (BBB) warns that scammers are now jumping on board. They’re hoping all the media attention makes it easier to trick people, especially military personnel, into falling for these scams.

Here’s how the scams work: You get an email claiming you are entitled to tens of thousands of dollars. You must click a link or call a number to get compensation. But beware! Clicking the link could infect your device with malware, putting you at risk for identity theft.

In other versions of the scam, thieves claim you need to pay an upfront fee so that they can file your case. If you pay them, they’ll continue to ask for more “filing fees” until you become suspicious. As soon as you realize the con, the scammer will disappear with your information and money.

How to avoid email scams

On top of spotting suspicious subject lines, there are more precautions you can take to stay safe. Here are some ideas.

  • Safeguard your information — Never give out personal data if you don’t know the sender of a text or email or can’t verify their identity. Criminals only need your name, email address and telephone number to rip you off.
  • Always use 2FA — Use two-factor authentication (2FA) for better security whenever available. Tap or click here for details on 2FA.
  • Avoid links and attachments — Don’t click on links or attachments you receive in unsolicited emails. They could be malicious, infect your device with malware and/or steal sensitive information.
  • Use strong, unique passwords — Have unique passwords for every online account. That way, if one account is breached, it doesn’t put others at risk. Tap or click here for an easy way to follow this step with password managers.
  • Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Don’t fall for this Google scam about a compromised account

Why you need to change your voicemail setting right now

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days