Is That SPAM Or A Real Email? Or Are They Phishing?
Each day we receive dozens if not hundreds of SPAM emails to our email account.
You may not see many them all as many email services have some filters in place to pick off many of the most obvious bogus emails that might contain some malware, virus attachments that could harm your computer.
Yet, some to get through and some of the most effective at messing up your computer or stealing your information are those that look like they are from a legitimate source. These are phishing emails. Phishing is the fraudulent practice of sending emails pretending to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
I am sure you have seen emails that seem to be from nationally known money services that come through your email account asking you to confirm some information. They might start with a ‘your account is locked and you need to log in to confirm your information’ which takes you to a page on their website (not the real business’s) that looks very authentic yet is their way to steal your log in information.
A favorite phishing email is a version that seems to be from PayPal. “Your PayPal account has had some suspicious activity and we have locked your account. Please click the link below to confirm your information and re-activate your account.”
There have even been a rash of these SPAM emails pretending to be our local internet providers that are phishing for our information so they can access those accounts.
The question is, how can one tell if the email is legitimate or just a phishing scam?
Here are a few thoughts that might help separate the real email notices from the phishing scams:
1. Really read the text in the email. I mean proof reading level reading of the text. If you notice spelling errors or weird sentence structure, there is a good chance it is a phishing email. While this doesn’t sort out all phishing emails, it does eliminate many poorly run foreign based phishing scams.
2. Look at the sending email address. If you can’t see that easily, sometimes you can right click on the email sender’s name to see the actual address (Mac people would control/click on the name) or you could click ‘reply’ and see what email address is put into the outgoing email address area (don’t send that reply, just trash it once you have seen the address). The right click/control click method is best because some emails have a different reply to address than the sending address. What you are looking for is what domain name the email came from. it should end with a [email protected] (or net, depending on what the real company’s website is). If you are seeing something other than what you know the real business website URL, it is probably bogus.
3. Check one or two of the links. You can do this safety if you do a right click or control click and go to Copy Link. Then, paste that link into a new email’s text body or into a document so you can see what that link looks like (be sure the email body is set to plain text so it will show you the link address). Can you see the company’s domain name (like TheRealCompanyName.com) in the link as one of the first parts on the left? One that just came through on my computer looked like: email.TheRealCompanyName.com/ with another 67 characters after the slash. The part I was looking for was the legitimate domain name in the first part of that link (the email. before the domain name is a sub domain that is also part of their website and business and can’t be spoofed on a second website).
4. When in doubt, NEVER click on a link. Go and log directly into the website from your trusted browser and see if you see any notices pop up on your account. If you don’t see anything, it might be a phishing email.
These few tips might help you keep from getting hit with a phishing scam that steals your accounts or identity potentially costing you a lot of time and money!