How to identify a fraudulent mail
There is no easy way of identifying a scam mail. However, it helps if you are wary of few common features of scam messages and the tricks the spammer employ.
a) Impersonates popular financial organizations, banks, retailers, and credit card companies, ISPs etc. – Scammers usually spoof popular organizations and try to make the email and the referenced website look as credible as possible, by using the following tricks.
– Using a Company’s Image – When spoofing a company, scammers not only claim to be from a reputable company, but they also go to great lengths to emulate the company’s visible branding. The fraudulent emails often contain the company’s logo and use similar fonts and color schemes as those used on the company’s Web site. Many fraudulent emails simply reference images from the legitimate company’s site.
– Links to the Real Company Site – The main link in a fraudulent email sends the recipient to the fraudulent phishing Web site, but many fraudulent emails include other links that send the recipient to sections of the real company’s Web site. Always type the name of the URL/link into the URL address line of your browser.
– Email Appears to Be From the Spoofed Company – To further convince the recipient that the email originated from the reputable company, the scammers use a ‘from’ email address that appears to be from the company by using the company’s domain name (e.g., @netzero.com, @yourbank.com).
b) Spoofed ‘From’ addresses – The email would claim to be from a credible company, but is set to reply to a fraudulent reply address. For example, the ‘From’ address could say ‘NetZero Billing Center’ while the reply-to address might be set to ‘NetZero1234@netzero.com’.
c) Urgency – Most scam messages would create a plausible premise and induce a sense of urgency to make you respond.
For example, the mail might say that if you do not respond within 2 days, your account will be closed, or that your account was used for some fraudulent activity and they need a confirmation from you.
The scammers would basically try to create a scenario that leads the recipients to believe that they must provide the required information and must provide it fast.
d) Misleading/Concealed URL/links – One of the most common tricks used in scams are misleading URL/links. They create sites that appear like the company that they are spoofing and the URL/link looks similar to that of the original company. For example, a scam impersonating NetZero might have a link to a site like ‘www.billing-netzero.net’, which does not take you to NetZero’s site.
Also, the scammers employ various HTML tricks to hide the original URL/link behind legitimate ones.
If you are not sure if the mail is legitimate but would like to update your information, the safest means to do so is to visit the site manually, rather than clicking on the link given in the mail.
e) Collects data over mail – Some scams try to send a form over email and collect data when you reply. Be wary of all such email and never send your personal details, bank and credit card details, passwords, pins, etc. over email.
f) Bad spelling and grammar – Some scams can be easily identified by the manner in which they are written. Scam emails will often include spelling mistakes and poorly constructed sentences, whereas legitimate organizations will take the time to avoid sloppy mistakes.
g) If you are using NetZero Message center, all emails sent from NetZero will have a small NetZero icon next to them, instead of the envelope icon. This will mean that the email is authentic and can be trusted. If an email claiming to be sent from NetZero does not have the NetZero icon, it may be a scam and it is advisable to get the authenticity verified.
If you are not sure if the mail is legitimate, play it safe and forward it with its full headers to the impersonated organization for a confirmation.
To learn how to forward an email with full headers, please click here.
For scams impersonating NetZero, please forward them with full headers to abuse@support.netzero.com.