Approximately one percent of emails sent on a daily basis are malicious. If that low percentage doesn’t seem like a lot, consider that it translates to over 3 billion malicious emails a day and over a trillion annually; and the numbers are increasing. Gary Smith notes in an article on StationX.net that “hackers only have to get lucky with phishing a few times to make their endeavors worthwhile.”

I frequently note in columns that many scams originate overseas. Mr. Smith says that almost 45 percent of spam emails are sent from Russia and Mainland China; about 11 percent originate in the United States.

Crooks update their ploys to exploit the latest news or trends, but the FTC says common messages from scammers:

• say they’ve noticed some suspicious activity or log-in attempts.
• claim there’s a problem with your account or your payment information.
• say you need to confirm some personal or financial information.
• include an invoice you don’t recognize.
• want you to click on a link to make a payment.
• say you’re eligible to register for a government refund.
• offer a coupon for free stuff.

Since so many phony emails originate overseas, one tip from the BBB and other experts has been to look for grammatical errors, poor spelling, and strange sounding phrases. It’s still good advice, but the increasing adoption of artificial intelligence (AI) will make it more difficult to detect phony emails because the content will be well written.

Closely scrutinize the email address of the sender. If the email purports to come from a company or government agency but the address is unrecognizable or is a Gmail or other free web-based service, it’s likely a scam. Even if a company name is in the address, check to be sure it isn’t altered slightly or doesn’t have extra words in it. For example, it might say web.amazon.com instead of simply amazon.com.

Double check hyperlinks before you click on them. Roll over any links in an email you receive before you click to see where the link really leads. Suspicious links are one of the main giveaways of email scams. Sometimes, the links are shortened using bit.ly or a similar service so you can’t tell exactly where they’ll take you. If you roll over what looks like a real link, you may find the address doesn’t correspond with what’s stated in the blue link text.

Another red flag is if the link looks familiar but contains slight misspellings. Always check that a link is legitimate before you click on it; otherwise, it could lead you to a dangerous website or download malware onto your computer, phone or network.

Be wary of clicking on an attachment unless you’re sure the message is legitimate. It could download a virus or malware to your device. Even if the email looks legitimate, check with the person or company who sent it to make sure the attachment is safe.

Keep your security software up to date and running. The FTC recommends protecting your computer and mobile devices with security software that can help you recognize threats before it’s too late.

Protect your accounts using multi-factor authentication, which makes it harder for scammers to access your accounts if they’ve tricked you into providing your user name and password.