How to know if an email is real or fake? (with examples)
Fake and scam emails are annoying and are always multiplying in our mailboxes. But often it is difficult to know if the email is real and should be dealt with or if it is just a scam and should simply be deleted. Here are a few tricks to help you figure out if an email is real or not.
1. Do you have an account?
An easy one is if you get an email about your bank account, but you don't have an account with this particular bank, it is obviously spam. Same with any other account like Netflix, Sportsnet...If you don't have that paticuliar account, it is safe to delete the email.
2. Emails without a signature.
If you get an email saying for example your email quota is exceeded but there is no signature from your email company. It is again obviously spam and it is safe to delete the email.
3. No specific name and bad design
If the email says Hi [email protected]! or often takes the name from the email looking like: Hi Info! Obviously, they don't know who you are! Also often these emails will look unprofessional and it is easy to know that they are not the real deal. It is safe to delete the email.
4. Links
One easy trick (but also sometimes super tricky) is verifying the link in the email. If the email has a button or a link for you to click on it, don't! First, hover your mouse over the button/link without clicking. You should see the address show up in the status bar (at the bottom of your window). If you are using a phone, you can click on the link and hold it, it should show you a preview with the link address. If the link doesn't start with https:// it is not a good sign (but doesn't mean it is a fake email yet). If the email is from Paypal for example, and the link doesn't have paypal.com at the beginning of the address, beware. It could have something like clients.paypal.com, as long as the domain name is together like https://www.netflix.ca and not https://netflix.login.ca/ as this is calling the domain login.ca. After the domain name, the link might have a lot of random characters. This can be normal as websites will keep track of who clicked on the links. Hackers and spammers are smart and sometimes will try to make the link look like the real link. If the link brings you to a fake website, it is safe to delete the email.
Now having said that, I should let you know that some mailing programs (Mailchimp, Klaviyo,...) will use their own custom link to keep track of who clicked on the links. Those link addresses won't look anything like the name of the business sending the email. (ex: Mailchimp emails will have the domain list-manage.com with the name of the business at the beginning). You might have to look at all the clues to discern if this is a safe link or not.
If the link or the button says "Log in", it might be safer to simply open a browser and type the address yourself to log in than to follow a link that sends you to a fake page.
5. Attachments
I'm sure you heard, never open attachments even if they're from your friends. I would agree. Some accounts get hacked and send emails with bad attachments to all their contacts. Attachments are often not safe to open if you have doubts. If you are not sure if that person really sent that email with the attachment, it is safer to contact that person first to confirm the email was sent to you intentionally.
6. Sender's email address
Most spammers will send emails from a free email service provider like Gmail and Hotmail or will use weird emails. Again if an email from Paypal doesn't have @paypal.com in the email address, it is probably a fake email.
7. If the offer is too good to be true
If the email is saying that you won a big amount of money, that someone wants to give you their inheritance, or that the CRA/IRS has an amount for you (they don't put amounts in their emails that I know of), it is safe to delete the email.
8. Let's look at a few examples that I've received lately.
This email has 5 points that I find suspicious:
- My name is not in the email but looks like it should be there.
- I don't see the Paypal logo, the email just looks really bad altogether.
- Hovering over the link I see that it doesn't go to PayPal
- I'm glad they put the current year in the email, but I never saw an email with so much information in the footer and not sure what PayPal PPC001652:1.5:c063d1b4b43cc is supposed to mean.
- Plus the email came from PayPal
This email has 4 points that I find suspicious:
- The image isn't showing, not a good start.
- They have my email but not my name.
- The link doesn't go to the RBC bank website.
- The email came from RBC Royal Bank
About this one:
- I never saw that email before and the .jp means from Japan.
- There's an attachment.
- There is no personal name
- Again never heard of Richard K and pretty sure I never sent him a payment. But they want you to be curious and check the attachment because you don't remember and you want to know! Be wise
Last email for now. This one looks pretty good. A quick look and it seems legit, but...
- If you look closely at the email address, there is a spelling error (they missed an 'i' in Shopify). I researched the domain and someone did buy myshopifybilling.com and myshopfybilling.com (without an 'i') a few days before I received that email.
- Hovering over the button and the "domain renewal" link showed me a long link address. I did a quick search online and found out it was sent by Klavivo (a mass email sending program). Looking at this link, it does look legit...
- I did a quick search online on that address. On Google Maps this shows Brewski's Bar & Grill. I looked around but saw nothing about Shopify headquarters. This address is totally fake.
- Also, $282.08 USD for a domain name is way too overpriced!
Hope this information was helpful. I have to add that this is for your information only, I am not responsible if you delete good emails or open bad attachments. If you are a client of Sweet Web, you can always forward us an email that you are not sure about, and we will let you know if we think the email is real or fake.
Nico
Share: