A scam message contains material designed to trick the recipient into disclosing personal information. For example, a message might ask you to click a link and enter your credit card number in order to receive a prize. There is, of course, no prize. Instead, the person who sent the message collects your credit card number.
These kinds of attacks are called "phishing" (a variant on the idea of "fishing" for data, such as usernames, passwords or credit card numbers). Generally, data phishers send out mass emails that cleverly imitate the look and feel of messages from legitimate businesses (such as banks, large websites or retail stores). Some look like fancy form letters with headers and company logos. Some have email addresses that look like they originated from the company they claim to represent.
In addition to the credit card phishing scam described above, phishers use several other tactics:
Both spam messages and scam messages are unsolicited and unwanted. Spam messages, however, are merely unwanted advertisements: annoying, but not dangerous. Scam messages are malicious because their senders want your personal information for nefarious purposes (identity theft, credit card scams, bank account access, etc.).
To protect yourself against scams, combine Thunderbird's built-in scam detection tools with your own common sense and skepticism.
Thunderbird's built-in scam filtering is part of its junk filtering functions. It looks for characteristics that are common in scam messages, for example:
When Thunderbird detects that a message could be a phishing attempt, it displays a warning at the top of the message saying that "This message may be a scam":
As a second line of defense, Thunderbird warns you when you click a link in a message that appears to be taking you to a different website than the one indicated by the URL in the message:
Thunderbird's detection algorithm isn't perfect and, unlike its spam filter, does not learn or adapt based on your email flags. If you are getting too many false alerts, you may consider (at your own risk) disabling it:
Your best defense is to be aware of scam tactics and be skeptical about your email messages.