How to tell if an email is real or spam; Tips for uncovering fake emails.

Spam and phishing emails have become increasingly prolific and can have a negative impact on both productivity and company resources. We frequently get asked by our IT Support clients whether a piece of email they have received is spam. Fortunately, most threats can be easily identified and avoided with a bit of education and care.

Here are some simple things you can do to evaluate if an email is real or spam.

Verify the sender’s info
Check the from email address carefully, checking the domain name spelling. Scammers have been known to use near misspellings of common domain names.  If you want to go a step deeper, you can check the email headers ( Keep in mind that both sender addresses and email headers can be faked, so it doesn’t confirm the email if ok just becuase the addresses look correct.

If the email is concerning a matter of importance, call the sender or your IT support provider directly to confirm. Never wire money or make important, non-reversible actions without confirming the sender in person.

For example, recently one of our clients received a phishing email that looked like it came from the company’s CEO to the accounting department of the same company, requesting funds to be transferred to a foreign account. The email included a note ‘I will be away for the next few days, so please take care of this’ to discourage checking the request in person. Our client checked with us first and we confirmed it was spam.

Check content for poor grammar and misspellings.
Many times a careful read of an email will betray hints of the content’s inauthenticity. We have seen a surprising number of phishing emails that are filled with incorrect grammar and misspellings. Also, notice if the content is creating a sense of urgency (your account will be closed!) or other call to action. Being aware of the tone and language of an email is often informative.

Check for (but don’t click!) external links
Does the email contain any web links embedded? Never click links from within a suspicious email. However, you can carefully move your mouse over embedded links to see the target destination, usually displayed at the bottom left of your screen when your mouse rolls over. If an email is claiming to come from a major retailer but mousing over the link reveals an unknown or seemingly unrelated URL, that is a telltale sign that something is awry. External links in emails will often open fake sign-in pages to well known web services in an attempt to get you to sign in and steal your credentials. Recently we saw phishing emails that had links to a fake Office365 sign-in. Once someone attempts to sign in to the fake account, the real Office365 account is then compromised.

Check for attachments
Most people know by now, perhaps the oldest rule in the book – never open an attachment in a suspicious email. As soon as you have decided the email is spam, simply delete the email or mark it as spam if that option is avaiable in your email client/provider

Consult with your IT provider
If you have any lingering doubt about an email, consult with an IT professional who can have a look and do more in depth investigation like checking email headers and searching mail server logs.

If you would like to discuss email security or any other IT issue with us, please call to schedule a free consultation.

[sf_button colour=”accent” type=”standard” size=”standard” link=””; target=”_self” icon=”” dropshadow=”no” rounded=”no” extraclass=””]Contact Us for a Free Onsite Consultation[/sf_button]


The Boulder IT Support blog is written by the staff of True North IT. True North IT is a small business IT Support Company in Boulder, Colorado, providing proactive IT services, tech support, comprehensive monitoring and friendly customer service.