How to spot a fraudster’s fake email address

Would you knowingly hand a fraudster your cash? Chances are, no matter how much money you earn, you’d probably prefer to give it to a worthier cause. While criminals want you to hand over your money willingly to them, they know they’ll have to trick you into doing it.

In today’s digitally-oriented society, most people have seen an overtly fraudulent email or two and can spot one when they see it. King Abdula from Jamaica isn’t going to send you $3.4 million to sneak a large amount of cash out of his country. Betty Heartstrings in Nigeria isn’t dying of cancer and seeking to share her wealth with random email address holders out of kindness. Instead, many of today’s fraudsters are keeping up with the times and looking for alternative ways to convince email account holders to click on spam.

One popular way fraudsters are convincing people to open an email is to modify the email address of the sender to mimic something more familiar or official. A fraudster can set up an email address that looks reasonably close to one it seeks to mimic. An @whitehouse.gov domain (after the @ symbol) might be spoofed to read @officialwhitehouse.com, fooling some email recipients into thinking the email is from the White House. Setting up this type of domain name allows fraudsters to change the username (before the @ symbol) to whatever they want, such as president@officialwhitehouse.com, making the address look authentic at first glance.

A different angle in the email name trick is to mimic the username of a familiar person or business. A criminal might gain access to the email contact list of your friend Billy. The criminal will then add a malicious link to an email and send it to everyone on Billy’s contact list using your friend’s real username, but a different domain name. A person who receives an email from Billy might open it and click the link offered by Billy because he’s a trusted friend. Instead of gaining something positive from Billy, the email recipient might download ransomware that locks down his computer until a ransom is paid to unlock it.

Criminals have an abundance of devious email tricks to get you to click on a link in an email. If you fall for one, paying that scoundrel to unlock your computer could be the least of your problems.

The best way to avoid deceptive email tricks is to scrutinize the username and domain of an email carefully before opening it. If both elements are not identical to what the address should contain, ignore the email. Even if the username or domain is only off by a single character, do not open it. The email is probably from a criminal.

It only takes an extra second to scrutinize an email address for authenticity, but it could save your computer, financial accounts, and reputation from heart-wrenching damage.

Skip to toolbar