How to recognize suspicious emails

Last week, I found out that my long lost grandfather, King Nelson Mandela of the Federal Republic of Benin, left me an inheritance of 50 billion dollars. True story.

While you may laugh off these obvious spam emails, criminals are getting smarter and their latest modus operandi is to dress their malicious emails up to look like they come from reputable brands.

Looks legit? It’s not. 

To avoid dangerous emails that could have disastrous consequences, follow the tips below!

1. If you didn’t request it, don’t click it!

This is the golden rule. If you didn’t request something from a person or company, there’s no reason for them to email you instructions or, worse, attached files. So unless you’ve specifically asked your bank for information, you shouldn’t expect a “bank manager” to be contacting you.

2. Suspicious email? Look for the text on Google.

Mails related to scams and malware tend to use the same texts, sometimes with tiny changes. Keep an eye out for:

• Nonsensical phrases, bad spelling and strange words stemming from automatic translations – like “With due respect to your person and much sincerity of purpose I make this contact mail with you”
• Badly-placed or low-quality images.
• No personal references: these emails don’t usually address you by name (Dear Beneficiary)
• A sense of urgency. These emails are always alarmist, appealing to your most basic sense – fear. The often mention terrible consequences, fines and charges.

Copy and paste the email into a search engine and take a good look at the results. It will be clear if the words come from a well-known scam.

3. Is there a file attached? Don’t even THINK of clicking!

In itself, email text can’t be dangerous. The real danger lies in the links and attachments. In fact, people clicking on attachments is probably the biggest cause of email infections.

Even seemingly harmless file types like .doc, .pdf, .xls can contain malicious code and do major harm.

4. Links? Analyze them in a click

Another way cyber-criminals look for victims is by using false or disguised links. If you have any doubt at all, just run the mouse over the link to see what the real address is:

Shortened links are another potential threat, as you can’t see where the link will take you before you click on it. In order to “unmask” shortened links, you can use services like UnShorten.

5. Never reply or resend

Replying to a suspicious email provides the criminal with valuable information. For a start, it lets him know that your address is real, and that somebody monitors it.

Never answer a suspicious mail

Don’t resend the email either, since you’ll basically be doing the cyber-criminals a favor.

6. In case of doubt, make contact through other means

Do you still have doubts about that mail? Resist the urge to click and instead call or text the supposed sender. 

If it turns out a friend is sending suspicious mail, don’t get mad at them! They probably didn’t even know it was happening, and it’s very possible that his or her inbox or email address has been hijacked in order to send more fraudulent mail.

7. Use a safe browser and read your mail online

Classic email clients, like Microsoft Outlook, are very vulnerable to email attack. Our advice? Use a web client (Gmail, Hotmail, Yahoo! Mail, etc.) in a safe, modern browser (Chrome, Firefox, etc.)

What are your tips for weeding out suspicious mails?

Original article by Niamh Lynch. Updated 01 Sep 2017.