Call nowContact
Call Us at 303-928-1107
Contact us at 303-928-1107 or [email protected]

How to tell if an email is real or spam; Tips for uncovering fake emails.

By in Boulder IT Support, IT Security, IT Solutions, Uncategorized

Spam and phishing emails have become increasingly prolific and can have a negative impact on both productivity and company resources. We frequently get asked by our IT Support clients whether a piece of email they have received is spam. Fortunately, most threats can be easily identified and avoided with a bit of education and care.

Here are some simple things you can do to evaluate if an email is real or spam.

Verify the sender’s info
Check the from email address carefully, checking the domain name spelling. Scammers have been known to use near misspellings of common domain names.  If you want to go a step deeper, you can check the email headers (https://mxtoolbox.com/public/content/emailheaders/). Keep in mind that both sender addresses and email headers can be faked, so it doesn’t confirm the email if ok just becuase the addresses look correct.

If the email is concerning a matter of importance, call the sender or your IT support provider directly to confirm. Never wire money or make important, non-reversible actions without confirming the sender in person.

For example, recently one of our clients received a phishing email that looked like it came from the company’s CEO to the accounting department of the same company, requesting funds to be transferred to a foreign account. The email included a note ‘I will be away for the next few days, so please take care of this’ to discourage checking the request in person. Our client checked with us first and we confirmed it was spam.

Check content for poor grammar and misspellings.
Many times a careful read of an email will betray hints of the content’s inauthenticity. We have seen a surprising number of phishing emails that are filled with incorrect grammar and misspellings. Also, notice if the content is creating a sense of urgency (your account will be closed!) or other call to action. Being aware of the tone and language of an email is often informative.

Check for (but don’t click!) external links
Does the email contain any web links embedded? Never click links from within a suspicious email. However, you can carefully move your mouse over embedded links to see the target destination, usually displayed at the bottom left of your screen when your mouse rolls over. If an email is claiming to come from a major retailer but mousing over the link reveals an unknown or seemingly unrelated URL, that is a telltale sign that something is awry. External links in emails will often open fake sign-in pages to well known web services in an attempt to get you to sign in and steal your credentials. Recently we saw phishing emails that had links to a fake Office365 sign-in. Once someone attempts to sign in to the fake account, the real Office365 account is then compromised.

Check for attachments
Most people know by now, perhaps the oldest rule in the book – never open an attachment in a suspicious email. As soon as you have decided the email is spam, simply delete the email or mark it as spam if that option is avaiable in your email client/provider

Consult with your IT provider
If you have any lingering doubt about an email, consult with an IT professional who can have a look and do more in depth investigation like checking email headers and searching mail server logs.

If you would like to discuss email security or any other IT issue with us, please call to schedule a free consultation.

Contact Us for a Free Onsite Consultation

 

The Boulder IT Support blog is written by the staff of True North IT. True North IT is a small business IT Support Company in Boulder, Colorado, providing proactive IT services, tech support, comprehensive monitoring and friendly customer service. 

2 Comments

  1. Jeffrey Magner 1 year ago

    Thanks Peter! Great to know that Boulder has a cool new IT company.

    What should we do with repeated emails that sometimes escape our spam filter and keep coming despite being marked as Spam? Is there a way to Block them permanently or have them automatically get deleted? And I’m wondering why some of our accounts get so much Spam? Should we switch email accounts? Thanks!

    • Peter Billig, True North IT 1 year ago

      Hi Jeffrey,
      Thanks for reaching out. Actually, we have been doing IT Support in Boulder for over 10 years.

      If you are getting the same or same type of emails repeatedly you can also block by sender or use advanced options in your email providers administration panel to block specific IPs, domains, or even by matching portions of text within the email. One way to reduce spam coming to addresses is to make sure your email is not published on your website and make use of secure contact forms instead. It may be tempting to post email addresses on a company profile page, but those addresses will typically be scanned and then heavily spammed. Feel free to reach out to us for more info.

Leave a reply

Your email address will not be published. Required fields are marked *

*