BITS & BYTES: Tips to make sure email is legitimate

2014-02-19T10:38:00Z 2014-02-19T17:59:33Z BITS & BYTES: Tips to make sure email is legitimateApril Miller Cripliver Times Business Columnist nwitimes.com
February 19, 2014 10:38 am  • 

Q: How do I know whether an email message is safe to open?

A: Every day countless phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so outlandish that they are obvious frauds, others can be a bit more convincing. So how can you tell the difference between a phishing message and a legitimate message?

Unfortunately, there is no single technique that works in every situation, but here are some that might help:

1. The message contains a mismatched URL: Often the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the URL, you will see the actual hyperlinked address (at least that’s how it works in Outlook). If the hyperlinked address is different from the address that is displayed, then the message is probably malicious.

2. URLs contain a misleading domain name: The bad guys depend on victims not knowing how the DNS naming structure for domains works. It is the last part of a domain name that is the most telling. For example, the domain name info.cripliver.com would be a child domain of Cripliver.com because cripliver.com appears at the end of the full domain name (on the right hand side of it). Conversely, it is clear that cripliver.com.malicioussomething.com would not have originated from Cripliver.com because Cripliver.com is on the left side of the domain name, not on the right.

I have seen this trick used countless times by phishing artists as a way of trying to convince victims that a message came from a company like Microsoft or Apple. The phishing artist simply creates a child domain bearing the name Microsoft, Apple, or whatever. The resulting domain name looks something like this: Microsoft.maliciousdomainname.com.

3. The message contains poor spelling and grammar: Whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, legality and a myriad of other quality control topics. As such, if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation’s legal department.

4. The message asks for personal information: No matter how official an email message might look, it is always a bad sign if the message asks for personal information. Your bank doesn’t need you to send them your account number; they already know what it is. Similarly, a reputable company would never send an email asking for your password, credit card number or the answer to a security question.

5. The offer seems too good to be true: There is an old saying that if something seems too good to be true, it probably is. That saying holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, then the message is probably a scam. After all, why would a Nigerian prince you don’t know contact you to help him smuggle money out of his country?

Intrigued? Read my next column for five more tips to identify email that isn’t worth your trust.

Opinions are solely the writer's. April Miller Cripliver of Chesterton holds a doctorate in management information systems and is a computer hardware and software consultant. E-mail your computer questions to nwitimes@cripliver.com, and specify your operating system and other pertinent PC information.

Copyright 2014 nwitimes.com. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

activate-button-3
Follow The Times

Latest Local Offers

Featured Businesses

In This Issue

Professionals on the Move Banner
Get weekly ads via e-mail

Poll

Loading…

Do you think the Lake County Solid Waste Management District should pay its new director less than its former director?

View Results