How to Spot Fake Emails and Avoid Danger

Since few of us are cybersecurity experts, we don’t know how to spot fake emails, which could lead to trouble. The truth is we should all strive to be our own email security experts. Here’s why: It’s estimated that every day around the world, 3.4 billion fraudulent (phishing) emails are sent. Make no mistake: your email inbox receives a fair amount of fake emails. You can do little to prevent them from reaching your inbox, but you can learn to avoid them. Here’s why some people will engage (accidentally) with fake emails when it comes to handling their daily emails: The infographic you (hopefully) just saw offers six strategies for avoiding false and dangerous emails. The steps are simple and easy to understand, and they need to be if we’re going to learn how to protect ourselves. Cybercriminals may have tricks and schemes, but we can learn to play the game and avoid their traps. The good news is that you don’t have to become a cybersecurity pro to protect yourself from fake emails. A good dose of common sense and a greater awareness of email fraud are enough to put you on guard. Put on your “inspector” hat. The first thing you’ll do is inspect every email as if it were a dangerous package. Think of it like this: Nowadays, every suitcase and carry-on is inspected at the airport before it’s allowed on a plane. The agents are trained to spot things that may deserve a second or closer look. Embrace the idea that you’re going to look at every email with a cautious eye. If anything in it seems to jump out, you’ll learn to give it a closer look. Reject aggressive and fear-inducing emails. If someone were pounding on your door, saying you owed them money and needed to pay or go to jail, you probably would not let them in. You’d keep the door locked, tell them to leave, and even call the police. That’s also precisely what you should do with emails that threaten you or initially put fear or worry in your heart and mind. Many email-based cybercrimes start with threats from criminals claiming to be from the IRS, Social Security, your bank, or other reputable organizations. Using fear or threats, you’re fooled and forced into paying someone to “make things right.” Leave the bait on the hook. A fish doesn’t get caught because there’s a baited hook in front of it; they get caught when they take the bait. That’s when they’re hooked, reeled in, and skinned. In fraudulent emails, the criminals often direct the recipient to click on hyperlinks in the message or open an included attachment. These links and attachments can do one of two things, and neither is good: The new rule is this: don’t click on any links or attachments until you’re sure (100% certain) it’s safe. In other words, leave the bait on the hook! Double-check the “from” portion of every email message. Two of the primary reasons fraudulent emails avoid detection are these: For instance, the IRS website is IRS.gov, not IRS.com. However, not everyone knows that. So, you can see how a fraudulent email from “ [email protected] ” could easily be overlooked. You can also see how an email address that said “ [email protected] ” could fool someone who rarely deals with Microsoft. The same goes for other crafty imitations, like [email protected] . Cybercriminals have many ways to make their email addresses look legitimate, but that doesn’t make the sender or their legitimate.  The bottom line is this: Start inspecting the “from” portion of every email you receive, especially those that request information or action from you. Here are some insights into learning how to spot fake emails. Leo A. Notenbloom, a retired Microsoft employee who runs Ask Leo, has a YouTube video titled “ How Do I Tell If an Email Address is Fake?” The information is clear and helpful, and his insights are eye-opening. Visit our website’s Learning Center to read more articles on online safety and consumer fraud. Click the link and explore the topics that interest you most.