You can tell a lot about someone from their address; email is no different: here’s how to check before opening email@gimmedamoney.com
Email scams, phishing and malware attacks are multiplying. You’re not safe in your own inbox – unless you take some simple precautions. While your mail provider may run a lot of scans, blacklisting and other email security measures, a lot still gets through. You can weed out a lot of the junk yourself just by checking the sender/‘from’ address.
1. Check the Domain/Subdomain
Look at the sender/‘from’ address. If there’s a period after the @ and before the final suffix – .com, .net or whatever – question where the email is actually from.
noreply@amazon.com may well be genuine.
noreply@amazon.gimmedamoney.com isn’t. Here “amazon” is only a sub-domain. The end-point isn’t Amazon, it’s gimmedamoney.com.
2. Check variants and close-to addresses.
no-reply@microsoftinc.com is a variant that appears to make sense. Except it’s fake. There is a whole raft of fake domains sending spam and malicious emails that look credible but are dangerous.
noreply@microsoft.com is probably genuine.
noreply@microsift.com isn’t.
Humans like to extrapolate what they see to what they expect to see. Which is why typos crop up in text even after several proof-reads.
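A program doesn’t extrapolate, so checks 1 and 2 can be automated. The Python below is an added example, not part of the original article; it applies equally to the reply addresses in check 3. The allowlist, the category names, the 0.8 similarity threshold and the "last two labels" rule for finding the owning domain are assumptions made for this example.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed allowlist for this example: domains you really expect mail from.
TRUSTED = {"amazon.com", "microsoft.com"}
BRANDS = {d.split(".")[0] for d in TRUSTED}  # {"amazon", "microsoft"}


def sender_domain(header_value: str) -> str:
    """Return the lower-cased domain of a From/Reply-To value, or ""."""
    _, addr = parseaddr(header_value)      # drops any display name
    _, at, domain = addr.rpartition("@")
    return domain.lower().rstrip(".") if at else ""


def classify(header_value: str) -> str:
    """Classify a sender address as trusted, suspicious or unknown."""
    domain = sender_domain(header_value)
    if not domain:
        return "invalid"
    # The end-point is a trusted domain, or a host underneath one.
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED):
        return "trusted"
    labels = domain.split(".")
    # Assumption: the owning domain is the last two labels. Suffixes such
    # as co.uk need the Public Suffix List, which is not used here.
    owner = labels[-2] if len(labels) >= 2 else labels[0]
    subdomains = labels[:-2]
    # Check 1: a known brand used as a sub-domain of someone else's domain.
    if any(label in BRANDS for label in subdomains):
        return "brand-as-subdomain"
    # Check 2: the owning domain contains, or nearly spells, a known brand.
    for brand in BRANDS:
        similar = SequenceMatcher(None, owner, brand).ratio() >= 0.8
        if brand in owner or similar:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # The article's own example addresses.
    for sender in ("noreply@amazon.com", "noreply@amazon.gimmedamoney.com",
                   "no-reply@microsoftinc.com", "noreply@microsift.com",
                   "email@gimmedamoney.com"):
        print(f"{sender:35} {classify(sender)}")
```

"unknown" only means the domain is not on your list; it is not a verdict that the sender is safe.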
3. Check inline reply addresses
Even if the sender/‘from’ address is genuine, an email may not have come from there if it’s been spoofed (the header altered so that it looks like a genuine email from that source).
In this case, make sure any weblinks or reply addresses are genuine before you click on them to reply to that too-good-to-be-true offer (another sign of a fake).
Treat any inline addresses labelled ‘click here to reply’ without showing the ‘to’ address as suspicious. If the address is shown in full, don’t be a lemming, look before you leap and read it.
reply@microsift.com and reply@amazon.gimmedamoney.com should give you pause. You did read examples 1 and 2, didn’t you? Gotcha. AJS