Welcome to this 5-part online safety blog series about phishing.
In this series, you will learn to:
- Check who really sent an email
- Spot tell-tale spelling and grammar mistakes
- Recognise fake ‘urgent’ demands
- Identify suspicious links
Let’s start today with Part 1:
How to Check Email Sender Addresses for Phishing Protection (Part 1/5)
What is phishing?
Phishing is an attempt to trick you into giving away your personal information, such as your password, bank details, credit card number or your identification documents. Phishing perpetrators often do this by pretending to be someone you trust, such as your bank, a company you use, or even a friend or loved one. They typically send a fake email, text, or message that looks real, asking you to click a link, fill out a form, send information, or download something. If you do, they can steal your information and use it to scam you.
Anti-phishing Tip 1: Check the sender’s email address
Phishing emails often come from suspicious-looking email addresses that do not match the company or organisation they claim to be from. Let’s take a look at the following email addresses.
Question: Which of these is a fake email address?
a. service@paypall-support.com
b. security-update@amaz0n-service.info
c. microsoft_support_team_993@outlook.bz
Answer: All of them are fake! This is why:
a. service@paypall-support.com
The real company is “PayPal”, but here “Paypall” is spelt wrong with an extra “l”. Also, “support” is added oddly after a dash. Big companies usually use simple, official addresses such as @paypal.com, not strange extra words or misspellings.
b. security-update@amaz0n-service.info
“Amazon” is spelt with a zero (0) instead of the letter o. Also, the end of the address is “.info” instead of something official such as “.com”. Trusted companies usually do not use endings such as “.info” for important messages.
c. microsoft_support_team_993@outlook.bz
Microsoft emails should come from @microsoft.com, not @outlook.bz. Also, real companies usually do not put random numbers (such as 993) in their official email addresses.
In summary, watch for:
- Misspellings
- Strange extra words or numbers
- Unusual domain endings (such as .info, .bz, .site instead of .com)
Look out for Part 2 of 5, coming up next: Spot Spelling and Grammar Errors to Detect Phishing Emails. In the meantime, stay safe online!
