An Annotated Field Guide to Identifying Phish

Of course, if the phish is looking for a direct response, you can also check the "Reply-To:" header and be sure it is going to a reasonable address in the real domain. As the phisher needs to see the response, it is less likely for this to be forged if the real domain has not been hacked.

Scanning the headers is not real hard to pick up some information. I figure if I send the phishing e-mail to an IT person, they can figure out the headers, and what to take action on, much better than I can. Especially if the headers contain info that shows the e-mail originated on their site, and the sender does have an account on their server.

No, that’s what https://spamcop.net is for, not some random IT guy that you hope has some spare time to deal with your issue.

Al,
If the e-mail was sent from one of his servers, it IS his issue! Either an employee has gone rogue or an intruder is using his server. He needs to deal with either possibility!

No. Please don’t trust what you see there. This cannot be repeated enough:
It is super easy to spoof header information and put into From: whatever a scammer wants. Do not trust anything you see there as a guarantee for anything.

This on the other hand is sound advice.

Always go to the company/service website yourself, manually typing in the address or using your own bookmark. If the email was legit and you need to do something related to your account with them, they will tell you once you log on. The massive advantage of this is you need to trust only yourself about who you are dealing with. You initiate communication with a known entity using your own URL information. You do not rely on a link provided by any external party. This way you always know who you are dealing with.

I have yet to encounter a company or service that will send me a link to do something which I can only access using that email they sent me. If I truly need to do something, logging on to my account with them will always give me the same option. In fact, many companies will immediately query me on the task they want me to carry out as soon as I log on (like my utility that will ask me to verify my contact details are up-to-date before I can do anything else on my account with them). No need to follow any email directions or use any email links. None at all. Using such an email as a reminder is fine, following its links is not.

2 Likes
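The Reply-To check suggested at the top of the thread, combined with the warning above that From: can contain anything, as an added example that is not part of any post here. The function name `reply_to_check`, the sample messages and all domains are constructed placeholders; a message whose replies stay inside the real domain is reported only as "inconclusive", never as legitimate.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample messages; every name and domain here is a placeholder.
SPOOFED = (
    'From: "Example Bank" <support@bank.example>\n'
    'Reply-To: "Example Bank" <bank.example.support@freemail.example>\n'
    "Subject: Please confirm your details\n\nReply with your account number.\n"
)
LOOKALIKE = (
    "From: support@bank.example\n"
    "Reply-To: help@bank.example.accounts.example\n"
    "Subject: Please confirm your details\n\nReply with your account number.\n"
)
NO_REPLY_TO = (
    "From: support@mail.bank.example\n"
    "Subject: Your statement is ready\n\nLog on to view it.\n"
)

def domains(msg, header):
    """Lower-cased domain of every address found in a header (all instances)."""
    values = msg.get_all(header, [])
    return [addr.rpartition("@")[2].lower()
            for _, addr in getaddresses(values) if "@" in addr]

def in_domain(domain, real_domain):
    """True for real_domain itself or a subdomain; a bare substring match
    would wrongly accept look-alikes such as bank.example.accounts.example."""
    return domain == real_domain or domain.endswith("." + real_domain)

def reply_to_check(raw, real_domain):
    """Return (verdict, list of reply domains outside real_domain)."""
    msg = message_from_string(raw)
    # Replies go to Reply-To when it is present, otherwise to From.
    reply_doms = domains(msg, "Reply-To") or domains(msg, "From")
    outside = [d for d in reply_doms if not in_domain(d, real_domain)]
    if outside or not reply_doms:
        return "suspicious", outside
    # From and Reply-To are text chosen by the sender, so a match proves nothing.
    return "inconclusive", outside

if __name__ == "__main__":
    for name, raw in [("spoofed", SPOOFED), ("lookalike", LOOKALIKE),
                      ("no reply-to", NO_REPLY_TO)]:
        print(name, reply_to_check(raw, "bank.example"))
```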

Agree.

I’m sure it has happened to me (and I wish I could cite a specific example); it is extremely annoying, for the reasons you mention. My general rule is never to click on a link in email, although there are exceptions (verifying a registration being the most common).

Partially related is when an email tells me to call and provides a number that I have not recorded. This happened with a bank, and a search at the bank’s web site did not find the number, so I used my preferred search engine. It returned sites that said the number was legit and it returned sites that said the number was a scam. (“Ask the internet, and pick the answer you like.”) Any advice for that situation?

Me, I’m pretty certain I’d never call an unknown phone number suggested in an email.

I have yet to encounter a serious company that will tell me in an email I need to call them on the phone.

If they need to talk to me, they will either call me (which opens another can of worms…) or they will send me a proper letter. Either way, I will make sure to initiate the call myself to a number I have on file and if that requires a callback, so be it. No way I will just take some email or call and assume it’s legit.

I realize that this is not a timely reply but there are email provider options that do a much better job at preventing phishing and spam from reaching your inbox. Of course, it may cost a bit more than outlook.com but when your sanity is at risk, isn’t that worth spending pennies a day for relief?

I’ve used the privacy-oriented email service Runbox.com for years now and I cannot recall receiving a phishing email in recent years. . . Its server-based spam filters do an outstanding job. The small amount that gets through to me is snagged by SpamSieve. No spam reaches our family inboxes.

Using the Runbox website to “train” the filters is easy and customer support really is 24/7 if assistance is needed. The company is based in Norway, which has no downsides as far as I am concerned.