Is This Email Safe? 5 Traits to Look For

Do you ever second-guess yourself before opening an email?

Email has become so commonplace in our lives that we rarely think about the risks that come along with opening a new message.

Believe it or not, email spam is still a popular – and highly effective – method that cybercriminals use to spread malware or trick users into sharing sensitive information.

Sometimes it’s easy to tell whether or not an email is spam, but other times it may not be. Spammers are constantly refining their craft, and they’ve gotten better at disguising their malicious emails. Here are a few characteristics that you can look out for to determine whether or not an email is authentic.

  1. Bogus Links – Checking the destination URL is typically a good way to tell whether or not an email is fake, although that is not always the case.

    Right now there’s a “USPS postage invoice” email circulating that is 100% fake. The email has a spoofed sender’s address (USPS_Shipping_Info@usps.com), but the embedded links within the email go to a website that obviously does not belong to the United States Postal Service:
    [Image: USPS Fake Link]
    If we clicked the usps.com/clicknship link shown in the email, it would actually take us to the mathias-family.net website, which will most likely try to exploit vulnerabilities in the software installed on your PC to conduct a “drive-by download” attack. This type of attack is very common, and you do not have to click on anything in order for it to be successfully executed. All you have to do is visit a webpage that has been set up to perform the attack and have the targeted software installed (typically Java, Adobe Flash Player, and Adobe Reader).

    Note: Even legitimate emails may have embedded links that do not go to the same domain as the sender due to the analytics features in email marketing software used by companies. Use your best judgment when reviewing linked domains and research the domain.

  2. (Malicious) File Attachments – You should always be suspicious of file attachments – even if they’re coming from a recognizable sender.

    For example, there’s currently an active spam campaign abusing the Better Business Bureau (BBB) brand in an attempt to trick users into downloading and opening malicious files. The BBB is aware of the spam campaign and has even emailed users to warn them about it.

    Never open an email file attachment without scanning it with your antivirus software first, even if it comes from a legitimate organization. Most businesses advise AGAINST opening file attachments, and often post reminders to users that they do NOT send emails with attachments.

    Just remember: if you ever question an email with a file attachment, simply find other means (besides email) to confirm that the sender meant to send the attachment. Additionally, be sure to scan the file BEFORE opening it (you can forward it to scan@virustotal.com to have it scanned by numerous antivirus engines and have a report sent back to you).

  3. The TO: Field – Always verify the recipient email addresses whenever you open an email, as spam emails often have strange values in the ‘To:’ field. For example, here’s a screenshot of a fake BBB email that I received:
    [Image: BBB Spam Recipients]
    As you can see, there are multiple recipients listed, indicating that the email is a fake. It’s highly unlikely that a company would reveal their mailing list like this.
  4. Poor Grammar – This one can be a little subjective, but I have a couple of examples that illustrate what I’m referring to. Most of these SPAM/virus emails are generated by people for whom English is not their native language (a good portion of them come from Russia), so they will not always be grammatically correct to the level that you would expect from the organization that is supposedly sending the email. The BBB, for example, would never send emails that look like this:

    Here with the Better Business Bureau would like to notify you that we have been filed a complaint (ID 60631221) from one of your customers with respect to their dealership with you.The detailed information about the consumer’s concern is contained in attached document.

  5. Non-referential Emails – These are basically “shot in the dark” emails that might get you to open them. Examples include “Thank you for your Verizon Wireless Payment” or “Your updated Cox bill is attached”, etc. I’ve received a bunch of the Verizon ones that look legitimate; however, Verizon doesn’t have this email address on file for me (neither does Cox, iTunes, Amazon, et al.). So, when checking these types of emails, ask yourself: “Does business ‘X’ have this email address on file for me?” If they don’t, then you’re likely looking at a bogus email and you should delete it. If they do have it on file, apply the other things I’ve mentioned here to see if it’s a real email or not before clicking any links or opening any files.

Think you might have opened something that you shouldn’t have?

If you think you MIGHT have opened something on your computer that might have been wrong, and might have caused an infection, please CALL us right away (don’t just email us, we want to get on this RIGHT AWAY) and we’ll take a look at it immediately. We can be reached at (858) 268-4774.
