How to tell if an Incoming Email is fake

Today, more than ever, businesses are receiving fake emails supposedly from legitimate organisations. These are phishing emails. Legitimate organisations typically send from an email address that uses their company Domain name after the “@” symbol, for instance alastair@the-bureau.co.uk, info@twitter.com, enquiries@biba.org.uk or cybersecurity@lawsociety.org.uk. A firm’s Domain should be what comes after the “@” sign.

The simplest way to tell if an email is genuine is to review the email address. If the email address is, say, joboffer@123Iamastar.com but the content of the email talks about a well-known job recruitment agency it is most likely fake. This is an obvious one but scrutinising the email address is a good way to judge what is likely to be fake or legitimate.

Some cyber criminals are buying specific domains that look like well-known brands to trick us into thinking they are real, making it more important than ever to take the time to scrutinise the Domains displayed. At first glance they might seem real enough, but they won’t be; there will be a small difference, an incorrect number or character. For instance, to use the email examples above, these might appear as alastair@the-bur5au.co.uk or info@twit7er.com or enquiries@bida.org.uk or cybersecurity@la4society.org.uk, all of which would be fake.
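
A mail filter can automate the comparison described above. The following Python code is an added example, not part of the original article: it flags sender domains that differ from a trusted domain by only a character or two. The allow-list, the function names and the two-edit threshold are assumptions made for illustration.

```python
from email.utils import parseaddr
from typing import Optional, Tuple

# Constructed allow-list: the genuine domains used in the article's examples.
TRUSTED_DOMAINS = {"the-bureau.co.uk", "twitter.com", "biba.org.uk", "lawsociety.org.uk"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute ca with cb
        prev = cur
    return prev[-1]


def classify_sender(from_header: str, max_distance: int = 2) -> Tuple[str, Optional[str]]:
    """Return (verdict, nearest_trusted_domain) for a From: header value.

    verdict is "trusted" (exact match), "lookalike" (within max_distance
    edits of a trusted domain) or "unknown" (not close to anything trusted).
    """
    # parseaddr discards the display name, which a sender can set to anything.
    _, address = parseaddr(from_header)
    if "@" not in address:
        return ("unknown", None)
    domain = address.rsplit("@", 1)[1].lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    # sorted() keeps the choice of nearest domain deterministic.
    nearest = min(sorted(TRUSTED_DOMAINS), key=lambda d: edit_distance(domain, d))
    if edit_distance(domain, nearest) <= max_distance:
        return ("lookalike", nearest)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample headers built from the addresses quoted in the article.
    for header in ["Alastair <alastair@the-bureau.co.uk>", "info@twit7er.com",
                   "enquiries@bida.org.uk", "joboffer@123Iamastar.com"]:
        print(header, "->", classify_sender(header))
```

An "unknown" verdict only means the domain is not close to one on the allow-list; it does not mean the sender is safe.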

Some emails may suggest your Cloud service has been compromised and offer a redirect link that looks like the genuine URL but which has hidden behind it a different address that takes you to a cyber-criminal address. You could hover over this redirect link and see if it is the same, but in these cases it is best to go direct to the Cloud or similar service that they claim is compromised and log in from the real site. Never click on redirect links.

Another useful trick applies when a link address has been shortened. Some links can be very long and awkward to use and copy, and there are sites that will shorten them for you, such as https://bitly.com/. Shortened URLs can look suspicious, but you can check them at sites like http://www.getlinkinfo.com, which will pull out the original longer link address to confirm if it is genuine or fake.

Hackers like to create a sense of urgency using emails that are aggressive, shocking, tempting or just too good to be true. Scareware is another malware tactic that cyber criminals use to manipulate users into doing something they do not need to do, perhaps with time limits, expiration or termination threats. This is typically accompanied by a suitably tempting or scary Subject line. These emails should be deleted.

Another oddity to watch out for is when incoming emails have used Bcc. It seems unlikely that a provider would use a Bcc for a prospective or existing customer, and emails that come in this way should also be deleted.

Email fraud is on the increase, with more break-in phishing scams occurring every day, so forewarned is forearmed.

Contact us for advice on email security
Phone: 01342 301325
Email: thebureau@the-bureau.co.uk
