How to verify e-mails as legitimate or fraudulent
With the number of e-mail scams on the rise, it’s important to know how to inspect them for malicious intent. This article will help you do just that.
Also, this article will serve to supplement the content published in our previous two articles regarding online safety and social engineering.
Before now, we referenced a couple of our Instagram posts showing examples of phishing e-mails and what to look out for.
We thought it necessary to create an article explaining this process in a bit more detail than what we could do in a couple of social media posts.
In this article we will explain what red flags to look for in a malicious e-mail such as: how to verify sender e-mail addresses, how to spot content mismatches, and how to inspect hyperlinks without following them in case they are malicious.
So first things first, let’s talk about sender e-mail addresses.
Verifying Sender E-mail addresses
This section of the article is MOST important, because this is the one thing phishers and scammers CAN’T fake.
The reason it’s not the ONLY section in this article is because if one of our close associates or friends gets their e-mail password “phished” a phisher can then send e-mails from their account to us.
In such a situation we will need to be able to rely on the rest of the methods mentioned in this article to ensure whether an e-mail or message is really from our friend if it’s out of the ordinary.
First, let’s look at an example of a real life e-mail scam to verify who the sender is.
This e-mail was received via the Mail app on iOS. Verifying the details we’ll examine may be done differently on your device. Please refer to your mail application or your device’s user guide for how similar steps may be performed on your device.
At first glance this may look like a legitimate e-mail from a trusted sender. However when we start looking below the surface, we get to find out more about the origin of this e-mail.
In order to do that lets tap the senders name “Apple Support” twice (on iOS 13.3). Once we do that, we see the actual e-mail address of this sender.
Under the "other" field is the actual e-mail address of the sender. Do we recognize this e-mail address as being from the trusted sender?? Absolutely not!!
If we are not sure, we can also cross reference the trusted sender’s e-mail address by looking at a confirmed legitimate e-mail from the trusted sender.
Here’s an example of what would see in the address of line of a legitimate e-mail from the sender this scammer is posing as.
Notice how the sender's domain name is correct and matches the company web page. For more information on how to inspect URLs to find domain names see our article How to Stay Safe Online if you haven’t already.
Now that we know how to inspect the sender’s e-mail address for authenticity, let’s delve more into how spot content mismatches in fraudulent e-mails.
How to spot content mismatches
When a scammer sends an e-mail posing as an authoritative and trusted sender, they may try to match closely the formatting used by such an authority.
There are usually some things in a fraudulent e-mails that are not worded correctly, misspelled, or not formatted exactly the same as is done in an authoritative e-mail.
For example if we’re used to seeing emails from YOURBank™ and we get an e-mail from a scammer and the name is formatted Your Bank™ this may be an indication that the sender is fraudulent.
In the above example, when legitimate e-mails are communicated concerning “Apple ID”, the user's full name is used in the greeting and the e-mail address of the account usually follows the term in the body of the message. Whereas in the fraudulent e-mail those details are missing from the formatting.
Fraudulent e-mail body:
Of course these aren’t the only types of content mismatches that you’ll spot in fraudulent e-mails. The best way to determine content mismatches is to compare an example of a verified e-mail from a trusted sender with one you may expect to be fraudulent.
This brings us to the final section of this article, how to inspect hyperlinks.
Inspect hyperlinks without following them.
A hyperlink is a link of text that takes us to a specific URL once we click on it. It’s important to inspect these, because the text of such a link may look legitimate but the actual URL it’s directing us to could be fraudulent.
Let’s glance back a the previous example for a fraudulent hyperlink
Notice how the hyperlink text of this example appears to take us to iforgot.apple.com, however we get to see what lies beneath the surface of this hyperlink when we copy it and paste it somewhere else like a note editor to see the full path of the link
If we highlight and select the link entitled “iforgot.apple.com”, then copy and paste, we’ll see the full link to the hyperlink.
As we can tell, this link does not take us to a legitimate domain.
Also, this may be done much quicker on desktop and laptops usually hovering the mouse over a URL populates a text bar showing the location of the URL.
Why would we not just click it to see where it takes us instead??
Well if we land on a malicious web page, any malicious content that may be on the web page could be downloaded directly to our computer or device causing further security issues.
Copying and pasting first allows us to inspect a URL path without actually going to the website, especially if it is malicious.
Knowing how to do this is especially important if we receive an abnormal e-mail from a trusted friend who’s been phished, because this may be the only way we can know if we’re the phisher’s next victim.
Also, if you’re unsure about an e-mail coming from a friend it’s usually best to confirm with them via phone call or text whether they sent it. They may not be aware of what’s happening with their account if they’ve been phished.
That about sums it up for the major differences between legitimate versus fraudulent e-mails and what to look for to decipher between the two.
We hope this article has been beneficial to helping you recognize which e-mails are safe and which ones are not.
If you feel this article has been helpful, as always, feel free to share a link to this article with someone you know may benefit or on your favorite social media platform.
Thanks for reading our blog! We hope you enjoyed.