detecting FRAUDULENT emails with confidence

I've noticed that most of my clients take a suspicious eye toward emails that don't look right.  This is a good thing.  When in doubt, delete it.  Knowing that people are trying to scam us by sending fraudulent emails can be unsettling.  Sometimes, though, it can even make us fearful of using our technology.  This is not a good thing.  I'm going to attempt to strike a balance between vigilance and paranoia in this article, and tell you how to identify bogus emails known as phishing scams.

Phishing emails are those that use trickery to get us to fork over personal information that allow the bad guys to steal from us.  Like the name suggests, phishing requires bait.  In the subject line, these emails usually say something is wrong, such as " Your credit card has expired ," or "Your account will be closed."  These statements can evoke a response that gets us to bite--to click on that link where we need to enter our credit card or Social Security info to make everything right.   Always be suspicious of any email asking you to go to a website to give out any personal information.

That was Lesson #1.  If the email asks for personal information, it's likely phishing.  In Lesson #2, we'll check the sender's email address as another test.  Take a look at this email I recently received:

In this case, my Mail program suspected this was junk and flagged it.  But even without this aid, I was first alerted when I saw the subject line reading, "Payment Problem."  Next, I took a look at the recipient's email address under "To:."  It might be reasonable to think that a large company would use some weird email code to keep from publishing your personal email address.  Maybe.  So, to be sure, I clicked on the sender's name--Netflix Inc.  (See image below.)

When I clicked on it, a window popped up revealing where this email actually came from.  That's certainly not a @netflix.com email address!

Lesson #3:  Chances are, if you've received a fraudulent email like this, other people have too.  These scams often get reported to watchdog groups like Snopes.com.  In fact, here is a link to their writeup on fake Netflix emails:  https://www.snopes.com/fact-check/netflix-users-update-payment/

Lesson #4:  If you're still not sure, you can always go to the official Netflix website and contact them through there.  (Important: Type the address directly into your browser window.  Do not click on any links in the email.)

Being aware of fraudulent emails is a great first step.  Knowing how to identify them using several different methods is even better.  I don't know if we'll ever be able to get rid of people who try to scam us, but at least we can get rid of the fear they cause us when it comes to using our technology.  All it takes is some knowledge in how to identify them to build that confidence.