Author: Dakotah Hirni
Description: This is a brief overview of spotting fake e-mails
Spoofed emails are deceptive emails that appear to come from a legitimate source but are sent by malicious actors with the intent to deceive, scam, or spread malware. As an IT technician, spotting these emails is crucial for maintaining the security of an organization's IT infrastructure. Here's a short guide on how to identify them:
Check the Sender's Address:
- Display Name: Just because an email says it's from "John from Accounting" doesn't mean it actually is. Scammers often use familiar names with fraudulent email addresses.
- Actual Address: Look beyond the display name. If you see "support@amaz0n.com" instead of "support@amazon.com," that’s a big red flag.
Inspect Email Content:
- Grammar and Spelling: Many phishing emails have poor grammar, strange phrasing, or typos.
- Urgent or Threatening Language: Beware of emails demanding immediate action or making threats (e.g., "Your account will be suspended!").
- Unsolicited Attachments: Be cautious about opening any attachment unless you are expecting it and sure of the sender.
- Generic Greetings: Phishing emails often use vague salutations like "Dear Customer" instead of using your name.
Check the Links:
- Hover Over Links: Before clicking, hover over the link to view the actual URL. Check for subtle misspellings or unfamiliar domains.
- Use HTTPS: Legitimate websites use "https://" for security. While this isn't foolproof, be skeptical of sites that only use "http://".
Check the Email Header:
- Inspecting an email header can reveal if the email is coming from a different source than it claims.
- Look for inconsistencies in the "Return-Path" and "From" fields.
- Check for unfamiliar or suspicious domains in the "Received" field.
Examine the Signature:
- Generic signatures (e.g., "Customer Service Team") can be a sign of a spoofed email. Legitimate companies often use specific signatures with contact details.
Beware of Requests for Personal Information:
- Legitimate companies usually don't ask for sensitive information (like passwords or Social Security numbers) via email.
Use Email Authentication Methods:
- Tools like DMARC, SPF, and DKIM can help validate if an email is from a trusted source.
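The header checks and the SPF, DKIM, and DMARC results described above can be read programmatically. The following is an added example, not part of the original article: it parses a constructed sample message with Python's standard library, and the function names (domain_of, check_headers) and all domains in the sample are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email); all domains are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mail.example.net (mail.example.net [203.0.113.7])
\tby mx.corp.example with ESMTP; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=mailer.example.net;
\tdkim=none; dmarc=fail header.from=example.com
From: "John from Accounting" <john@example.com>
To: user@corp.example
Subject: Invoice overdue

Please review the attached invoice today.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def check_headers(raw):
    msg = message_from_string(raw)
    findings = []
    from_dom = domain_of(msg.get("From"))
    rp_dom = domain_of(msg.get("Return-Path"))
    # A Return-Path/From mismatch is a lead, not proof: legitimate bulk
    # senders also differ here, so weigh it together with the DMARC result.
    if rp_dom and from_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} != From domain {from_dom}")
    # Authentication-Results is only meaningful when it was added by your
    # own receiving mail server; a sender can forge any other copy.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth.lower()))
    for method in ("spf", "dkim", "dmarc"):
        if results.get(method) != "pass":
            findings.append(f"{method} result: {results.get(method, 'missing')}")
    # Hosts named in Received lines, for review against known mail servers.
    hops = [re.search(r"from\s+(\S+)", h) for h in msg.get_all("Received", [])]
    hosts = [m.group(1).lower() for m in hops if m]
    return {"from_domain": from_dom, "return_path_domain": rp_dom,
            "auth": results, "received_from": hosts, "findings": findings}

if __name__ == "__main__":
    for finding in check_headers(SAMPLE)["findings"]:
        print(finding)
```

To check a real message, paste its raw source (in Outlook, the "Internet headers" box under File > Properties) in place of SAMPLE.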
Trust Your Instincts:
- If something feels off about an email, even if you can't immediately identify what it is, treat it with suspicion.
Use an Email Security Solution:
- If you feel that an email is unsafe, select the email and choose "Report Message" under the Mimecast tab in the Outlook application.
- For Exchange-only or Google Workspace accounts, go to the Mimecast link instead: https://login-usb.mimecast.com/m/portal/app/#/advanced/personal-on-hold. You can report and reject unknown email from there.
Educate & Stay Updated:
- IT threats constantly evolve. Stay informed about the latest phishing tactics and train others in your organization.
Remember: When in doubt, don’t click, and always verify by contacting the supposed sender directly through a known, trusted method, rather than through the email in question.