Home Cyberpsychology & Technology How Scam Savvy Are You? Online Quiz Challenges Users to Spot Scams Among Legit Emails

How Scam Savvy Are You? Online Quiz Challenges Users to Spot Scams Among Legit Emails

Reading Time: 3 minutes

With more and more people spending time online, there are more virtual scammers getting active too. Last year’s report by online security giant McAfee estimated that an average American gets around 12 scam messages per day by email, text, or social media. The situation isn’t any better in the UK, where more than 7 in 10 adults have been targeted by scams, with 13% losing money to scammers. 

With AI now becoming more freely available, it is predicted that scam emails will become more sophisticated than ever, leaving more people at risk of falling for them. As part of a recent study, tech retailer Currys put together an online quiz that challenges users to spot the scams among the real emails. 

AI can’t detect 10% of scam emails; can you beat that? 

The quiz features real-life scam examples, encouraging you to consider all of the elements of an email before pressing genuine or scam. 
 
Currys researchers also tested artificial intelligence (AI) to analyse both genuine and scam emails, as the technology is now being exploited by scammers. 
 
The study used two AI platforms to analyse a mixture of 40 genuine and scam emails, asking them to identify whether the email was a phishing attempt or a genuine communication from a brand. 

The study discovered that both AI assistants incorrectly identified 10% of the mixture of scam and legitimate emails fed to them. Perplexity was better at discovering spam emails, being correct in 28 out of 29 cases, compared to ChatGPT 4, which only identified 27 out of 29 correctly. 

And when it came to the legitimate emails, both recognised even less. Perplexity incorrectly categorised three genuine emails as spam and Chat GPT 4 did the same for two. 

AI system  

Total spam emails correct 

Total genuine emails correct  

Total correct overall  

Chat GPT-4  

27 out of 29  

9 out of 11  

36 out of 40  

Perplexity 

28 out of 29  

8 out of 11 

36 out of 40 

This highlights the increased sophistication of phishing emails, suggesting more of the public will fall victim to them, particularly as the National Cyber Security Centre (NCSC) said that AI would “almost certainly” increase the volume of cyber-attacks and heighten their impact over the next two years. This is due to cyber criminals using the technology to approach potential victims in a more convincing way by creating fake “lure documents” (such as scam emails) that don’t contain the translation, spelling or grammatical errors that tend to give away phishing attacks. 

7 quick tips for identifying phishing attempts 

Here are some quick tips on how to spot a phishing email from sources including Crimestoppers UK, the National Cyber Security Centre, Which?, and Stop Fraud Now: 

  • Check the sender’s email address. Legitimate companies use domain emails, which are usually the name of the company. Be wary of emails from a public domain (like @gmail.com or @yahoo.com) or from misspelt domains that look similar to real ones. 
  • Look for poor spelling and grammar. Professional organisations proofread their communications. Frequent spelling and grammar errors can be a red flag, although with the help of AI, this will become less frequent.
  • Be sceptical of urgent requests for information. Phishing emails often create a sense of urgency, like threatening to close an account unless you update your information immediately. A legitimate company will never rush you in this way. 
  • Don’t click on suspicious links. Hover over any links in the email (without clicking) to see the URL or web address. If it looks strange or doesn’t match the company’s official website, don’t click on it. Some scammers will use link shorteners like Bit.ly to hide malicious links; brands are unlikely to do this.
  • Check for generic greetings. Phishing emails often use generic greetings like “Dear Customer” instead of your name. Companies you do business with usually personalise their emails. They may be sophisticated enough to take the first part of your email address,, so be sure to sense check the greeting.
  • Beware of requests for personal information. Legitimate companies will not ask for sensitive information via email. Be cautious of emails requesting passwords, account numbers, or other personal details.
  • Look for inconsistencies. Sometimes, the scam is in the details. Check for slight variations in email addresses, links, and domain names. These errors might be easy to overlook at first glance, so check carefully.

It is advised that any individual who may have seen or unwittingly interacted with a fraudulent web page or app should report the details to Action Fraud. 

Anyone concerned by these pages or who wants guidance on protecting themselves from this sort of criminal activity is advised to visit Citizens Advice’s excellent resource for identifying scams. 

© Copyright 2014–2034 Psychreg Ltd