How to check the identity of an email
Phishing is rampant among hackers, who use emails to steal credentials or deploy malware for network control or data theft. If you’re savvy with security, you might ignore 70% of suspicious emails, even from familiar senders with generic subject lines like “Check this out!” and just a link. But many aren’t cautious, unaware of phishing signs or how to verify emails. Everyone should learn basic practices to distinguish real from fake messages amidst the various. Check this for Email Fraud Defense
Check email Legitimacy
To determine if an email is legitimate, follow these three common practices to protect yourself from sharing your password with an attacker, sending all your personnel W-2s to cybercriminals, or wiring funds to a crime syndicate.
Verify
The easiest and still one of the most effective ways to protect yourself is to validate the email address identity.
First, hover over the “from” display name to see what email address appears. Attackers often spoof a display name to appear legitimate, but hovering over it can reveal the true sender.
If you’re still unsure, compare the new email with older ones from the same sender. Check if the display name and email signature match.
And don’t forget to call! Use a phone number from your address book, not one in the suspicious email, to confirm if the person meant to send the “I’m stuck in Paris and need money” message.
Inspect
Some attackers work harder to make their scams less obvious. You might need to dig deeper.
Remember the hovering trick? Take a closer look at the email address. Attackers often use slight changes, like replacing an “m” with “rn” or switching a lowercase “L” with the number “1”. Even the smallest change can redirect the email elsewhere.
If your IT team has enabled Sender Policy Framework (SPF) Records, check the email’s internet header information to see where it’s going. This also impresses friends at parties as a cool trick!
To locate the properties of an email in Microsoft Outlook, follow these steps:
- Open the email you want to investigate.
- Click on the “File” tab at the top left corner of the Outlook window.
- From the dropdown menu, select “Properties.”
- In the Properties window, navigate to the “Internet headers” section.
- Look for the “Return Path” or “Reply To” information within the Internet headers section.
Search
Another way to verify a sender is to search the email domain, especially for messages from new contacts.
Verify the domain name ownership and setup details. Sites like WHOis and ICANN show details about when a domain name was set up and who owns it. If a site created in the last 90 days claims decades of business, question the message’s legitimacy.
Search engines like Google often flag scams and push them to the top of search results. If you’re doubtful, do a quick internet search to see if others have reported the message as a scam.