Q: How do I know whether an email message is safe to open?
A: Every day countless phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so outlandish that they are obvious frauds, others can be a bit more convincing. So how can you tell the difference between a phishing message and a legitimate message?
Unfortunately, there is no single technique that works in every situation, but here are some that might help:
1. The message contains a mismatched URL: Often the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the URL, you will see the actual hyperlinked address (at least that’s how it works in Outlook). If the hyperlinked address is different from the address that is displayed, then the message is probably malicious.
2. URLs contain a misleading domain name: The bad guys depend on victims not knowing how the DNS naming structure for domains works. It is the last part of a domain name that is the most telling. For example, the domain name info.cripliver.com would be a child domain of Cripliver.com because cripliver.com appears at the end of the full domain name (on the right hand side of it). Conversely, it is clear that cripliver.com.malicioussomething.com would not have originated from Cripliver.com because Cripliver.com is on the left side of the domain name, not on the right.
I have seen this trick used countless times by phishing artists as a way of trying to convince victims that a message came from a company like Microsoft or Apple. The phishing artist simply creates a child domain bearing the name Microsoft, Apple, or whatever. The resulting domain name looks something like this: Microsoft.maliciousdomainname.com.
3. The message contains poor spelling and grammar: Whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, legality and a myriad of other quality control topics. As such, if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation’s legal department.
4. The message asks for personal information: No matter how official an email message might look, it is always a bad sign if the message asks for personal information. Your bank doesn’t need you to send them your account number; they already know what it is. Similarly, a reputable company would never send an email asking for your password, credit card number or the answer to a security question.
5. The offer seems too good to be true: There is an old saying that if something seems too good to be true, it probably is. That saying holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, then the message is probably a scam. After all, why would a Nigerian prince you don’t know contact you to help him smuggle money out of his country?
Intrigued? Read my next column for five more tips to identify email that isn’t worth your trust.