Vyatka State University explained how to recognize a scammer in correspondence.

      Recall that at Vyatka State University, with the support of the Ministry of Education and Science of Russia and within the framework of the Decade of Science and Technology, the media project "Shield: Russian Security Science" is being implemented to counter man-made and biological threats, terrorism and extremist ideology.

      The media project team regularly prepares materials on the most pressing topics. One of them is how to recognize a scammer by correspondence.

      So, according to Positive Technologies, up to 70% of successful cyberattacks begin with social engineering — deception based on trust. Phishing, fake emails and malicious instructions often "masquerade" as ordinary messages. But there is a way to learn to distinguish them from normal communication — by analyzing writing style.

      Phishing attacks are fake emails, links or messages that extract data from a user and prompt malicious actions. The more realistic the message, the higher the chance of success. That is why cybercriminals increasingly use linguistic manipulation techniques. These include:

      - emotional pressure, using triggers such as fear, urgency, trust;

      - impersonation of authorities, where they imitate messages from banks, government services (for example, “Gosuslugi”) or technical support;

      - distortion of norms of business communication.

      Texts written with the intent to deceive often have characteristic linguistic features. Even if the author uses a formally polite or businesslike style, anomalies can be noticed on closer inspection. Below are the main signs to watch for.

      1. Presence of urgency or pressure

      Phrases like “urgent,” “immediately,” “24 hours left,” “or it will be blocked” are a typical social engineering technique. Such expressions create stress for the reader and push toward thoughtless actions. This contradicts the norms of official business correspondence, where important actions are usually accompanied by explanations, deadlines and contacts for clarification.

      2. Unnatural style or odd phrasing

      Scammers often use template constructions or automatically translated text. As a result, phrases arise that are uncharacteristic of natural language, for example, “you must urgently click on this link” or “to continue, enter your service.” A combination of an official tone with colloquial or slang vocabulary looks especially suspicious.

      3. Lexical and grammatical errors

      Errors in cases, endings, punctuation or sentence structure are another signal. A legitimate organization’s correspondence is reviewed, whereas attackers do not have such practices. For example: “This is a notification about the end of your service” — a clear example of disagreement in morphology and syntax.

      4. Addressing without specifics

      If a message is addressed to “Dear client” or “User” and does not contain a name, it is most likely a mass mailing, potentially phishing. Real organizations usually personalize messages.

      5. Direct request for confidential personal data

      If you are asked to enter a login, password, confirmation code, card details, or to follow a link, especially without explanation — this is almost always a sign of phishing. In normal communication such data are not requested openly.

      6. Links to external resources or suspicious attachments

      If a message contains links leading to domains with unusual endings, subdomains, or attachments with unknown extensions (for example, .exe, .scr, .bat), this is a serious reason to be wary. Linguistically this is often accompanied by vague or abstract formulations, such as “See the document” or “Review the report,” without specifying what it concerns.

      How can a neural network help detect fraud?

      A neural network can interpret not only facts but also the style of a text, its tone and the presence of hidden subtext. With a properly crafted prompt you can highlight suspicious fragments, explain why a text seems fake and suggest the likely purpose of the message. For example: “this is manipulation to get you to follow the link.”

      If the AI gives general answers, clarify: “Provide specific phrases from the text that look suspicious and explain why.”

      Checking messages for style is a simple but effective measure of digital hygiene. With linguistic observations and neural tools, even an ordinary user can increase their resilience to attacks. It is especially important to train yourself and your loved ones to follow a simple rule: do not respond to a message immediately; analyze it first.