How to Tell When an Email Is a Fraud

Definitions first. Spam is email that is unsolicitied: you never asked for it in the first place. Email that you originally asked for or consented to receive is not spam just because you no longer want it any more. It’s an important distinction because unwanted email might be annoying because it’s filling up your inbox, but it’s usually harmless. However, the majority of spam is trying to scam you in one way or another.

The scam might be an attempt to get your banking details, the details of your email account or just to simply drop a virus onto your computer. To do this, the scam creators try their hardest to make their email look as much like a genuine email from well known companies such as eBay, Microsoft, FedEx and, of course, banks from all over the world.

I’ve opened a scam email, is it too late to do anything?

Relax, you’re perfectly fine. Just opening or viewing an email does not put you at any risk. The risk is all related to opening attachments on the email or clicking on links in the email.

Once you’ve opened a scam email, it’s often obvious that it’s a fraud because of poor grammar or spelling mistakes or because of spam cliches like Nigerian politician’s widows asking you if they can park millions of dollars in your bank account.

Some are a little trickier, though. For example, an email appears to be from your bank and it says that if you don’t confirm your login details by clicking on the link in the email, they’re going to close your account. Don’t even bother thinking about this one: while banks might send you information via email, they will never ask you to verify your account details this way. And the same applies to any reliable, security-conscious business.

Excellent fraud or genuine email?

But sometimes an email leaves you scratching your head wondering if it is an excellent fraud or a genuine email. Now you’re stuck trying to decide if clicking on the link will get you in trouble or ignoring the email will get you in trouble.

For instance, look at the example below. Is it real or a scam?

Fraudulent email determined by tooltip from hyperlink

This is an example of what happens when you hover your cursor over a hyperlink. It gives you a preview of the web address that the link will go to

Scam example

The above example looks pretty legitimate. It has a genuine PayPal and eBay logo. There are no spelling or grammar errors.

You could imagine the potential for a regular eBay purchaser to receive this email and think, What’s going on here? I don’t remember sending any money to this Ian Sherbin guy. Maybe I made a mistake… or maybe my account has been hacked! Hang on, I do remember looking at watches but I don’t remember buying one. I’ll click on the link and find out more.

And WHAMMO, they’ve just gone to a website that was waiting to drop a virus on their computer.

In this particular case, the link looked like it would probably go to eBay to show you what had been purchased. However, the link actually went to the website of a purchasing and supply chain consultancy whose website had been hacked. All visitors to the compromised website were infected with a virus.

How to tell what is a safe link

Once you know what to look for, in most cases, it is actually pretty simple to tell the difference. Many email clients (eg, Microsoft Outlook and Windows Live Mail) can show you previews of the website address that a link in an email intends to take you to. In Outlook for example, all you have to do is put your cursor over the link and leave it there for a second. After you’ve paused there long enough, the web address will show up as a tooltip. In Windows Live Mail, putting your cursor over the link reveals the true web address in the bottom-left corner of the email window.

You can see in the example above that hovering the cursor over the description of the purchase has brought up a tooltip (I’ve highlighted it in yellow) that gives the web address http://xxconsultancy.com/wp-blah-blah-blah. Obviously clicking on that link isn’t going to take you to eBay or PayPal. In fact, all three blue, underlined links in that email go to that same compromised website.

So I’m safe if the link looks genuine?

Hold on! Look closer. For example, does the link say microsoft.com or does it say microsofft.com? If you think I’ve just accidentally written the same thing twice, go back and look even closer. This is a fairly recent trick and gives you a real sense of satisfaction when you spot the fakes.

What about attachments?

All sorts of attachments end up on emails. Friends and family send pictures and PowerPoint slide shows and businesses send documents, invoices and receipts. All of them have the potential to contain computer infections. Pictures and PDF documents (files ending in .pdf) have a very low likelihood of infection, while the most commonly infected attachments are those ending in .exe, .doc or .xls. But, you can’t rely on what is low risk now staying that way in the future – scammers are always finding new ways to scam.

In deciding if an attachment is safe, it helps if you trust the sender but it is also extremely easy for a scammer to make an email appear to be from one of your friends, family or a well-known business. So, you can’t just rely on trusting the sender when you decide if you should open an attachment.

The best solution for staying safe with attachments is to make sure your computer is properly secured. This means having good and up-to-date security software installed, making sure that your Windows updates are working and that browsers and PDF readers are kept up-to-date.

Properly securing my computer is beyond me

Don’t feel bad, most people will admit they are in the same boat… the ones that don’t are usually over-confident with gaping holes in their computer security. If you’re not confident that your computer is properly secured, give us a call on 9313 1844 and ask us to come out and perform an Annual Service on your computer. We’ll make sure everything is up-to-date and secured and we’ll even supply the best security software currently available to save you the frustration of wading through all the different options out there.

Let us know

We’d love to hear what you think. Please offer us your thoughts, opinions and suggestions below in the “Speak your mind” section.

If you’d like to be informed whenever new articles are added to this website, please “Like” the Geeks to the Rescue Facebook page and you will see updates in your newsfeed.

PUBLISHED: 14th May 2013

UPDATED: 1st August 2017

Comments

  1. Mark Currell says:

    Very apt suggestions – as you say – this defrauding people is becoming big business, and people can be anywhere in the world sending these type of emails. Great topic.

    • Yes! I see so much of it every day. It is usually difficult to tell where infections have come from when I am cleaning them off client’s computers, but my suspicion is that the vast majority arrive via fraudulent emails.

  2. Damian Douglass says:

    Thankfulness to my father who shared with me regarding
    this website, this website is really remarkable.

  3. Trey Waterman says:

    Constantly i check weblog posts here early in the dawn, for the reason that i like to find out more and more.

  4. Eliza Snook says:

    I’m very happy to find this website. I want to thank
    you for your time for this particularly fantastic read!!
    I definitely savored every bit of it and I have you
    book marked to check out new things on your web site.

Speak Your Mind

*