Why do email scams still work and are profitable?

9 Marketer opinions 4 Expert opinions 5 Technical articles 3 Resources

Summary

Email scams persist due to a confluence of factors, including the minimal cost of sending mass emails, the exploitation of human psychology, and the continuous evolution of scam tactics. Scammers often target vulnerable individuals, sometimes using deliberately obvious scams to identify easier targets. They exploit emotions such as greed, fear, and urgency, and constantly adapt their approaches by using current events and refined techniques. The ease of spoofing email addresses and impersonating legitimate brands further contributes to their success. Ultimately, the human element is the weakest link, as it's often easier to trick individuals than to breach security systems. Even a tiny positive response rate can make scams highly lucrative, sustaining the economic incentive for scammers.

Key findings

Low Cost, High Volume: The cost of sending millions of emails is negligible, requiring only a small fraction of recipients to respond positively for profitability.
Psychological Manipulation: Scammers exploit human psychology by preying on emotions, using persuasive techniques, and creating a sense of urgency.
Evolving Tactics: Scam tactics continuously evolve to target unsuspecting recipients, incorporating timely lures and adapting to current events.
Human Vulnerability: Humans are the weakest link, as they are often easier to trick than it is to hack security systems.
Email Spoofing & Impersonation: The ease of spoofing email addresses and impersonating trusted brands enhances the credibility of scams.
Targeting Vulnerable Individuals: Scammers often target vulnerable individuals and may deliberately use obvious scams to filter for easier targets.

Key considerations

Increased Education and Awareness: Continuous education about scam tactics and red flags is crucial for protecting the public.
Critical Thinking: Encourage individuals to think critically and avoid impulsive actions when encountering suspicious emails.
Advanced Security Measures: Develop and implement more robust security measures to detect and prevent phishing attacks and email spoofing.
Email Authentication: Implement stricter email authentication protocols to combat email spoofing and brand impersonation.
Protection of Vulnerable Groups: Targeted efforts are needed to protect and educate vulnerable individuals who are more likely to fall victim to scams.
Adaptability & Vigilance: Ongoing vigilance and adaptability are necessary to counter the constantly evolving tactics of scammers.

What email marketers say
9Marketer opinions

Email scams persist due to a combination of factors: the low cost of sending mass emails, the exploitation of human psychology, and the continuous evolution of scam tactics. Scammers only need a tiny percentage of recipients to fall for their schemes to make a profit. They leverage techniques like urgency, fear, and impersonation, often targeting vulnerable individuals. Furthermore, many people lack awareness of scam red flags, and scammers adapt to what works, constantly refining their approaches. The fundamental issue is that humans are susceptible to manipulation.

Key opinions

Low Cost, High Volume: Scams are cheap to send, requiring only a small percentage of recipients to respond positively for profitability.
Psychological Exploitation: Scammers exploit human psychology, preying on greed, fear, and a desire for easy money. They also use persuasive techniques.
Evolving Tactics: Scam tactics are constantly evolving to target unsuspecting recipients, often using timely lures and current events.
Lack of Awareness: Many individuals are unaware of scam red flags and don't realize they've been scammed until their bank accounts are affected.
Human Fallibility: Even cautious internet users can be tricked. The fundamental issue is that humans are fallible.

Key considerations

Education is Key: Continued education and awareness campaigns are crucial to protect the public from evolving scam techniques.
Critical Thinking: Individuals should be encouraged to think critically and avoid acting impulsively when faced with urgent or fear-inducing emails.
Recognizing Red Flags: Learning to recognize the red flags of scams, such as unsolicited offers, requests for personal information, and suspicious links, is essential.
Scammer Adaptability: Understanding that scammers are constantly adapting their tactics requires ongoing vigilance and a proactive approach to security.
Vulnerability: Recognizing and protecting vulnerable individuals (elderly and others) who may be more susceptible to scams is important.

Marketer view

Email marketer from Comparitech explains that with enough time, effort, and ingenuity, cybercriminals can trick even the most cautious internet users. The problem comes down to the fact that humans are fallible.

September 2024 - Comparitech

Marketer view

Email marketer from Scamwatch explains that the psychology of persuasion is a key element for scammers. They try to trigger reactions using the following techniques: Authority, Liking, Scarcity, Social Proof, Reciprocity, and Commitment and Consistency.

August 2024 - Scamwatch

Marketer view

Email marketer from Reddit shares that many scams rely on volume. Sending millions of emails costs very little, and even a low success rate results in substantial profits. Additionally, scammers adapt their tactics based on what works, constantly refining their approach.

February 2025 - Reddit

Marketer view

Email marketer from Email Geeks shares that some scams are deliberately obvious to target individuals who are more likely to give up sensitive information easily. Combined with the fact that a tiny response rate can make it financially viable.

June 2024 - Email Geeks

Marketer view

Email marketer from Federal Trade Commission responds that the FTC finds that scammers can be very persuasive and use sophisticated psychological techniques to trick people. They create a sense of urgency or fear, making victims act without thinking critically. Furthermore, many people are unaware of the red flags associated with scams.

March 2021 - Federal Trade Commission

Marketer view

Email marketer from Better Business Bureau explains that many individuals still do not realize they have been scammed until their bank accounts are impacted and that education is key. Scammers are good at what they do so continued education is needed to protect the public.

August 2024 - Better Business Bureau

Marketer view

Email marketer from Email Geeks states that these email scams continue to exist because it's still worth it for them if they get one victim out of 10,000 emails sent.

March 2023 - Email Geeks

Marketer view

Email marketer from LifeLock shares that email scams work because scammers are constantly evolving their techniques to target unsuspecting recipients. They might use timely lures, such as current events or seasonal offers, to get the attention of a victim.

December 2021 - LifeLock

Marketer view

Email marketer from Quora explains that email scams still work because they are cheap to send and only need a tiny percentage of recipients to fall for them to be profitable. They exploit human psychology, preying on greed, fear, and a desire for easy money.

February 2022 - Quora

What the experts say
4Expert opinions

Email scams remain profitable due to the low cost of sending a high volume of emails. Even a small response rate can yield significant returns for scammers. A key element involves exploiting vulnerable individuals, whose contact information is then sold to other scammers for more targeted scams. The underlying principle is a numbers game, where the minimal cost of sending millions of emails makes even low success rates worthwhile, as spammers consistently find ways to profit, sometimes even being victims themselves.

Key opinions

Low Cost, High Volume: Sending millions of emails costs almost nothing, making even a tiny positive response profitable.
Vulnerable Targets: Scammers target vulnerable individuals and sell their contact information for more targeted scams.
Numbers Game: Success relies on sending a large quantity of messages, where a low response rate can still provide a high return on investment.
Profit Motive: Spammers persist because they continually find ways to profit, with some potentially becoming victims of other scams.

Key considerations

Targeting Vulnerability: Focus on protecting and educating vulnerable individuals who are more likely to fall victim to scams.
Economics of Spam: Understand the economic incentives driving spam to develop more effective countermeasures.
Scammer Networks: Investigate and disrupt the networks that sell and distribute contact information of vulnerable individuals.
Evolving Tactics: Remain vigilant and adapt to the evolving tactics used by scammers to maintain effective defenses.

Expert view

Expert from Spam Resource, John Levine explains that spam is profitable because it costs almost nothing to send millions of emails. If even a tiny fraction of recipients respond positively, the scammer makes money. The economics of spam are such that even a low success rate can be highly lucrative.

January 2025 - Spam Resource

Expert view

Expert from Word to the Wise, Laura Atkins responds that spam exists because it’s a numbers game. Sending tons of messages means that some people will reply, and some of those replies will be positive. The cost of sending is so low that even a very low positive reply rate makes it a good return on the investment.

April 2021 - Word to the Wise

Expert view

Expert from Email Geeks explains that scammers can sell the addresses of people who respond for a profit because they are receptive to more targeted scams. Even if only a small percentage respond, it's still worthwhile, especially targeting vulnerable individuals.

September 2021 - Email Geeks

Expert view

Expert from Word to the Wise staff explain that spammers continue scamming because they are finding a way to profit off of it. In some cases, the spammers themselves could be victims of another scam.

October 2021 - Word to the Wise

What the documentation says
5Technical articles

Email scams persist due to the continuous evolution of phishing techniques, exploiting human vulnerabilities like trust, fear, and urgency. Scammers are adept at bypassing security measures, impersonating legitimate brands, and leveraging new technologies. A key factor is the ease with which email addresses can be spoofed, making it difficult to verify the sender's authenticity. Ultimately, the human factor remains the weakest link, as it's easier to trick a human than to hack a network.

Key findings

Evolving Techniques: Phishing techniques continuously evolve, enabling scammers to bypass security measures.
Human Vulnerability: Scams exploit human trust, fear, and urgency, causing victims to act without critical thought.
Email Spoofing: Email addresses can be easily spoofed, making it difficult to verify the sender's authenticity.
Brand Impersonation: Scammers impersonate well-known brands and organizations to gain trust and steal personal information.
Human Factor: Humans are the weakest link, making it easier to trick a person than to hack a network.

Key considerations

Enhanced Security Measures: Develop and implement stronger security measures to detect and prevent phishing attacks.
User Education: Educate users about phishing techniques, red flags, and how to verify the authenticity of emails.
Email Authentication: Promote and implement email authentication standards to combat email spoofing.
Staying Updated: Keep abreast of the latest scam techniques and vulnerabilities to adapt security measures accordingly.
Layered Security: Implement a layered security approach that combines technical controls with user awareness training.

Technical article

Documentation from Microsoft explains that scams are successful by appealing to human nature, such as trust, fear, or urgency, so that victims don't think carefully about the request before doing it. Phishing emails frequently use legitimate-looking logos, email addresses, and names to fool recipients into thinking the request is legitimate.

July 2023 - Microsoft Support

Technical article

Documentation from Proofpoint shares that the human factor is the biggest element to why email scams still work. Humans can easily be tricked and it's much easier to trick a human than to hack the network.

August 2021 - Proofpoint

Technical article

Documentation from Anti-Phishing Working Group explains that email scams persist due to the continuous evolution of phishing techniques. Scammers are innovative and adept at bypassing security measures and exploiting new vulnerabilities, like those found in emerging technologies. They are also good at targeting vulnerable people to improve the probability of scamming success.

July 2022 - Anti-Phishing Working Group

Technical article

Documentation from Norton shares that one of the reasons email scams work is because email addresses can be easily spoofed, making it hard to know who sent the email. Scammers often impersonate well-known organizations to steal personal information.

June 2022 - Norton

Technical article

Documentation from Agari explains that brand impersonation, business email compromise, and supply chain attacks have evolved to be very sophisticated. The more legitimate looking the email appears, the more likely a recipient is to trust it.

May 2023 - Agari

A New Twist on a Publishing Scam: Ghost-authoring Book Reviews ...

In a new twist on academic fraud, a company now offers to pay you to write and publish book reviews that will be credited to someone else.

The Scholarly Kitchen

Is Paypal Giving Fund a fraud? ( Answer: No.) - TechSoup Forums

I received an email solicitation to my personal email from PayPal Giving fund, saying that they would add a little something to donations I gave this month, and that all the money would go to the non-profit I specified. I made two separate donations, one on Tuesday, the day I received the email, and the second two days later (yesterday) to the non-profit I volunteer at. I asked the bookkeeper to check the NonProft's PayPal account to see if the money was there, and it was not. I called the n...

TechSoup Forums

Cyber Fraud Examples: What Threat Actors Are Doing Today | Fortinet

Organizations and individuals alike must remain vigilant against and aware of common cyber threats. Here are some examples of today’s prevailing cyber fraud trends.…

Fortinet Blog

Are people still falling for email scams?

How are spammers getting content for their spam emails?

How can email senders and users prevent and identify phishing emails?

How can I stop a relentless spammer who switches domains and sends via Google Workspace?

How can a phishing email pass SPF and DKIM authentication checks?

How can normal people identify phishing emails when services rewrite headers?