How to Identify a Fake or Spoofed Email
How to Identify a Fake or Spoofed Email
Email spoofing happens when someone sends an email to you that appears to be from another person. It's usually used in conjunction with phishing scams, where a bogus company is trying to get your personal information. If you suspect spoofing, check the email's header to see if the email address generating the email is legitimate. You can also find hints in the content of the email that it might be spoofed.
Steps

Checking the Email Header

Check the email address, not just the display name. Spoofing scams use a sender name that will look familiar to try to trick you into opening the email and following the instructions. Whenever you get an email, hover your mouse over the contact name and look at the actual email address. They should match or be pretty close. For example, you might get an email that looks like it's from your bank. So the sender name will be "US Bank of America." If the email address is something like "[email protected]," chances are you're being spoofed. If someone's personal email address is spoofed, make sure the email address listed is the one you have for that person.

Look for the header. The header information for each email address is located in a different place for each email provider. Pull up the header so you can review the information. The email addresses in the header should match the email address it's supposed to be coming from. In Apple's Mail app, you can find header information by selecting the message you want to review, choosing "View" at the top of the app screen, then "Message," then "All Headers." You can also press Shift+Command+H. In Outlook, select View/Options. In Outlook Express, select Properties/Details. In Hotmail go to Options/Mail Display Settings/Message Headers and select "Full." In Yahoo! Mail select "Full Headers."

Check the "Received" field. Every time the sender sends an email or a reply, a new "Received" field is added to the email's header. In this field, you should see an email address that matches the sender name. If the email is spoofed, the received field information won't match the email address. For example, in the received filed from a legitimate Gmail address, it will look something like "Received from 'google.com: domain of'" and then the actual email address.

Check the return path. In the header, you'll see a section called "Return path." This is the email address that any reply will be sent to. This email address should match the sender name in the original email. So for example, if the email name is "US Bank of America," the return path email address should be something like "[email protected]." If it's not, chances are the email is spoofed.

Checking the Email's Content

Review the subject line. Most spoofing emails contain alarming or aggressive subject lines to try to convince you to follow the links inside. If the subject line seems designed to scare or worry you, chances are it's a spoofing email. For example, a subject line like "Your account has been suspended" or "Take action now: account suspended" indicates the email is a spoof. If the spoofed email is coming from someone you know, the subject line might be something like "I need your help."

Hover over links. If the email includes links, don't click them. Instead, let your mouse hover over the link. A small box should pop up that shows you the actual url that the link will take you to. If it looks suspicious, or isn't related to the supposed sender, don't click it.

Look for spelling and grammar mistakes. Legitimate emails will be well-written. If you notice any spelling or grammar mistakes, you should be suspicious of the email.

Beware requests for personal information. Most legitimate companies, especially banks, will never ask you for your personal information through an email. This can include usernames, passwords, or account numbers. Never give out this information through an email.

Look for too much professional jargon. In contrast to poorly written emails, spoofing emails might also sound overly professional. If they overuse professional or discipline jargon that you don't recognize, they could be trying too hard to sound legitimate.

Check the email's tone. If you're receiving an email from a company or client you work with regularly, there should be plenty of detail. Anything vague should make you suspicious. If the email is supposed to be from a friend, check to make sure it reads like their emails usually do.

Look for contact information in professional emails. Legitimate communications from companies will include contact information for the person contacting you. If you can't find an email address, phone number, or mailing address in the email, chances are it's a spoof.

Contact the sender directly. If you're not sure whether an email is a spoof, contact the sender it's supposed to be from. Check a company's website for their customer service contact information. Their customer service department should be able to tell you whether the communication is legitimate. You can call or text a friend you suspect of being spoofed. If you suspect an email has been spoofed, don't reply directly to the email asking for clarification. If you do, it's a good way for the person on the other end of the spoofed email to try to get more information from you.

What's your reaction?

Comments

https://wapozavr.com/assets/images/user-avatar-s.jpg

0 comment

Write the first comment for this!