One of the common questions we get from clients are those asking if an email they received is valid. Unfortunately for them, this generally opens up a slightly annoying email exchange from us with various questions to try to determine the validity of said email. The answer is, its not a simple process, unfortunately! There are a number of factors to consider.
Start out with the very basics. Is this from an email address that you recognize? Does the other email information (First Name, Subject Line, Etc) match up with what you’re used to from the sender?
Suspicious: Is the “From Name” generally written “Mary Jane” but this time is listed as just “Mary”? Is her email generally an @verizon.com email but this time comes from @yahoo.com?
Next, move onto the content of the email itself. Is it formatted in a similar way to emails you have received from this person before?
Suspicious: Do emails from this sender usually use flawless punctuation but this email contains a lot of misspellings?
This information alone can generally help you pick out if an email is really from a friend. If you are still unsure, you could alwatys call the person and ask if they really did send the email. It’s always better to be safe than sorry.
But what about a business? How do you know if a solicited email is really legitimate? Well, there are a number of signs.
First, have you received email from this company before? Have you recently done business with them where they would have asked for your email address? Sometimes you can eliminate emails right off the bat if they are a supposed response to something you know you didn’t do.
Suspicious: An email containing a supposed copy of your “receipt” for a company you haven’t visited in a long while.
Next, check the bottom of the email (called the “footer”) for contact information. Most legitimate companies will list their address, phone number, and an unsubscribe link at the bottom of the email as a form of legitimacy in order to get through sometimes overprotective spam-blocking software. Check the information provided against the official website for the company. A large company without any address in the footer is usually a cause for suspicion.
Suspicious: Does the email list an overseas address for an US-based company?
Check the links in the email, carefully. This isn’t really possible on a phone, but if you are on a desktop email client, you can hover your mouse over any outgoing links in the email to see in a pop-up or in the status bar where clicking the link will go to. Make sure all links go to the official website. It is not enough to look for the company name either. Some smart scammers will setup tricky domains like www.quadb.com.baddomain.com.
Suspicious: Does the email say free gift card to Bob’s Boutique but links to a different website?
Again, pay attention to the content of the email. Most businesses have proofreaders and won’t send out emails with spelling and grammar mistakes. Does the offer sound too good to be true? It probably is. If the email claims to be a “partner” of another company, wait until you receive an official notice of a partnership from the first company.
Suspicious: Frequent misspellings, or a brand name that is spelled incorrectly.
Now, there may also be the cause of concern regarding banks, credit cards, and other institutions that may send you payment notifications or missed payment notifications. As a general rule, just use the email only as reminder. Never click any links in these kinds of emails, just go to the website directly and you will never have to worry about the legitimacy. If you get a notification from your bank that says your account is in overdraft, go to the bank’s website directly, not through any links provided in the email, and check the status yourself.
Suspicious: A message that “Your checking account is in error!” when you only have a savings account.
Finally, take all emails with a sense of suspicion. Even if sent from someone you know, their email may have been hacked (meaning someone guessed their password and then logged in and started sending out emails). Offers that are “too good to be true” probably are. Scrutinize hyperlinks before clicking, or you might end up on a phishing page (one that looks like the website you are used to, but isn’t). You need to be more careful online these days to protect yourself and your data from identity thieves and hackers. Following these steps and approaching all emails with a sense of skepticism is a surefire way to keep yourself secure online.