How to spot fake E-mail messages

Those keen to get you to divulge your personal/financial information are always looking for new ways to get you reading and responding to their E-mails. Spam filters do a great job and will block the majority of spam and fake messages but inevitably some still gets through. Here we explain some of the things to look for to help you spot the fake messages from the genuine.

15 July 2014 Security  E-mail, Security

Security - Article

Those keen to get you to divulge your personal/financial information are always looking for new ways to get you reading and responding to their E-mails. Spam filters do a great job and will block the majority of spam and fake messages but inevitably some still gets through. In this short article we explain some of the things to look for to help you spot the fake messages from the genuine.

Why spamming works

Spammers send out tens of thousands of messages each day with almost all blocked or ignored but if they can get a handful of people to respond then that will be enough to meet their needs. The more people that respond the greater their return so they will want to do all they can to get their message into your Inbox, for you to read their message and then respond to it.

Spammers rely on you...

  • Happening to use the service their fake message relates to (e.g. PayPal, your bank etc.)
  • Being too busy and not paying full attention – so you will click the message by mistake.
  • Being curious – we all like a bargain and spammers will use your curiosity against you.
  • Being embarrassed – if you have clicked on something by mistake or entered into a conversation with a fraudster you may feel a bit foolish and so are reluctant to ask for help.
  • Not realising they are hiding their identity – E-mail programs are designed to be easy to use but this can also be used by the spammers against you.

Bearing all of the above in mind as you manage your E-mail will go a long way to spotting the fake from the genuine however there are plenty of other things you can do to help pick out fake messages.

The obvious signs…

You don’t need to look too hard to pick up the signals that a message is a fake. The following are the most common giveaways:

  • Poor spelling or grammar
    Most spammers are overseas and so their use of UK English as a first language is going to be limited – poor spelling, grammar along with clumsy sentences are always a sure sign it is fake.
     
  • Inconsistent fonts and formatting
    Spamming takes a lot of time and resources so messages may be kept short and simple. Genuine messages will often be been designed with a layout that properly reflects the sending organisation. If it looks poorly laid out then it is likely to be a fake.
     
  • Wrong location
    Spammers rarely know where in the world you are so if a message arrives and it uses currencies, telephone numbers, postal codes etc. that relate to other countries then you can be sure it is going to be a fake.

Take the following message which is claimed to be from Amazon is promising some coupons in exchange for completing a survey.

How to spot a fake E-mail - obvious signs

The message is being viewed using Microsoft Outlook 2013 and we have highlighted a number of things that indicate why it is a fake:

  1. It isn’t very nicely formatted
    Amazon is a multi-billion dollar company so they make sure their E-mails look perfect.
     
  2. The coupon value is in dollars
    If Amazon was E-mailing you they would know which country you were in and make sure the currency was correct.
     
  3. Spot the missing graphic
    The small graphic picked out indicates a picture in the message couldn’t be downloaded when requested – this again is a sign the authors haven’t put a lot of effort into the message and making sure it works correctly.

So without needing to go any further we can already be sure it is a fake.

However spammers are getting smarter and have started to use copies of genuine E-mails and then adjusting them to meet their needs. This means increasingly an E-mail will look perfectly genuine but is it really a fake. Fortunately there are a few more things you can do and this is where your e-mail application can help.

How your E-mail application can help you spot the fakes

E-mail programs like Outlook, Mac Mail etc. all have features that are designed to help you spot fake messages you just need to know what to look for!

Microsoft Outlook, whether for Windows or Apple Mac, provides us with a few other indicators that can help us work out if an E-mail is legitimate or not. Here is another message in Outlook 2013 (for Windows) and this time two different parts have been picked out:

How to spot a fake E-mail - Outlook 2013 Hints

So what is Outlook showing us?

  1. Outlooks reveals the hidden E-mail address
    Note that the name shown is "Royal Bank of Scotland" but the E-mail address which Outlook also shows us is from info@bbr.com. Anything RBS sends will usually always come from an E-mail address ending "@rbs.co.uk". This then is clearly a fake E-mail. Someone is trying to hide their E-mail address behind the name Royal Bank of Scotland but Outlook shows us what it really is.
     
  2. Revealing where links will go
    Messages from people selling things either genuine or fake usually include links which we are invited to click and if the E-mail is genuine all then they should to the correct website.  One other useful trick Outlook can do is show us where the link will take us without having to click it. To do this just move your mouse pointer over the link (don't click it)  and a note will appear showing you where the link will take you. In the example below we can that although the link has amazon in it, the domain is bobmutch.com so again we can be sure as it is not amazon.com or amazon.co.uk that the E-mail is a fake.

How to spot a fake E-mail - Outlook 2013 Link Hint

Below is another message, this time viewed using Outlook 2011 for Mac:

How to spot a fake E-mail - Outlook 2011 Link Hint

We don’t even need to check the link as we can see the spammer has misspelt "My Refund". To be sure we have moved our pointer over the link shows and Outlook shows us it is for the website http://sarmina.com.tr and not http://hmrc.gov.uk or similar which we would be expecting.

If we move our pointer over the name of the sender, in this case HMRC (see below) we can see that E-mail address looks correct but as we have already found the spelling mistake and the fake link and we can be sure it too is a fake.

How to spot a fake E-mail - Outlook 2011 Email Hint

Finally we have another message, this time in Mac Mail. We can check the E-mail address behind the senders name by clicking on the drop down arrow to the right of the name (see below).

How to spot a fake E-mail - Mac Mail Email Hint

Unfortunately unlike Outlook, Mac Mail doesn’t easily provide us with the ability to see what a link is without clicking however if you are technically inclined and want to see what the link is you would need to use the "View Menu", then choose "Message" and finally "Raw Source". This would show you the HTML code use to make the message (see the same message below).

As we look down the code buried inside it we can see a reference to a site which is clearly not that of the HMRC so again we can be sure it is a fake.

How to spot a fake E-mail - Mac Mail Raw Source

Spam isn’t going to go away

As long as there is money to be made, spammers and fraudsters will keep trying to get their hands on your information and hard earned cash and whilst there is much technology can do to filter out most of these messages, some will always get through.

Hopefully this article has outlined a few easy ways you can spot such messages yourself and how you can use your E-mail application to help if things are not so clear cut. If you are still unsure, please do ask us as it is always better to be safe than sorry.

Tags  2011 2013 email fake fraud mac mail spam

Corrections or suggestions