Contents
No matter how many spam and antivirus filters you have activated, there’s still risk that some dangerous email messages get through to your inbox. Therefore it’s essential to think critically when you check the email.
Questions you should ask before opening any message, and especially any attachments:
- Do I know the sender?
- Do I expect message from that sender?
- Do I expect some attachment such as PDF on the message?
- Does the message seems to be OK?
If the answer for any questions above is no or there is anything unusual or strange on the message, you should check the email source. It takes only few clicks, but those clicks can save you from the big troubles.
It’s common way to spoof sender’s email address just like on our example. The message seems to be coming from legitimate sender and email address.
Generally there seems not to be anything strange on the message itself. However, you might notice something is not in order if your have received emails from the assumed sender earlier.
Anyway, alarm bells start ringing as I’m not waiting any delivery i.e. message from that sender. So, it’s time to check the email source and reveal the real sender.
The arrived message looks quite normal
View the message source
In most email clients, there’s option to view email source. In Zimbra, just select More Actions below the message and from the menu Show Original. Now you will be able to inspect the source, including header of the message. That’s the part email clients doesn’t show with actual message body as it includes all the email server data, including from where the message was sent.
Check from where the message was sent
Look at received: on the line 18. Here’s the real sender! It’s clear that sender was spoofed and this is a dangerous email and attachments should not be opened nor any links on the message should not be clicked.
Example of a dangerous email message trapped on a spam filter
You might check sometimes spam folder just in case, if there are false positives. When browsing spam folder, it is extremely important to keep shields up and not open any links on these messages. There might be some which looks authentic, but it is always better to take an another look.
Here is an example of a dangerous email message, which was caught on the spam filter. The message looks quite legit, but the tracking number on the subject field doesn’t match on the message content. It’s easy to catch checking the waybill number from courier’s own website. The number returned nothing as it is was fake.
How to to identify a potentially dangerous email
There are several ways to identify a potentially dangerous email, including:
- Unfamiliar sender: If the sender of the email is not someone you know or expect to receive an email from, it may be a phishing attempt or malware delivery.
- Suspicious attachment or links: If the email contains an attachment or link that you are not expecting, or that looks suspicious in any way, do not open or click on it. Instead, delete the email.
- Urgent or threatening language: Emails that use urgent or threatening language, such as “Your account will be closed if you do not respond immediately,” or “You have been infected with a virus,” are often phishing attempts.
- Poor grammar and spelling: Emails that contain poor grammar and spelling are often a sign of a scam or phishing attempt, as they are often sent by non-native English speakers.
- Requests for personal information: Legitimate companies will never ask for personal information such as passwords or credit card numbers via email.
- Asking for money transfer or wire: If the mail asking to transfer money or wire the money, it is a scam mail and should be ignored.
These methods may not always be foolproof
It is important to note that these methods may not always be foolproof and hackers can find new ways to trick people. However, being vigilant and using good judgement can help you identify potentially dangerous emails and protect yourself from cyber threats.
Another best practice is to always have an updated anti-virus and anti-malware software installed on your computer, and run it regularly, as well as checking the security configurations of your email account, set spam filters and blocking unknown email addresses.