How to spot a suspicious email

There are in excess of 100 billion spam email messages sent every day. Even with the best email filters, some of it is bound to end up in your inbox. Take a look at the example message below to see how you can identify a spam/phishing message in your inbox.

One notorious type of phishing email is The “Your Mailbox is Almost Full” email.  This email comes from “IT Support” and states your email account is over limit. In the following image, I’ve pointed out three places to look for to see if this email is legitimate or not.


First, I look to the “to field”. My name and email address are not in the to field. In fact, no email address is listed in the to field. This leads me to believe that I was BCC (blind carbon copied) on the email along with many others.

Second, I look to the from name and email address. The email address is not one that I recognize. The URL is not known to me and neither is the person’s name. I also happen to know that we don’t contract with a company called ICT, so there is really no reason they would be sending me a support email.

And third, when I hover over the link in the email (Clean-up system) I see the URL is questionable and built on a free site that was likely put up just for this scam. Now, I didn’t click on the link, so I don’t know what is on that site, however, I can guess at what I would find. It would likely ask for my username and password at which time they would have all the info they need to hack into my email account.

So what should you do when you get an email like this? Delete it. If you aren’t sure whether it is legitimate or not, forward it (or a screen shot of it) to your actual IT person to have them verify the contents of the email.

Scammers typically use fear based tactics (“oh no! I can’t send or receive email!” in this case) to get the consumer to respond without analyzing the actual email first. Arming yourself and your staff with the ability to spot spam will help keep your business running strong.

Though these three simple steps are not full-proof insurance that you’ll never be hacked via email, they are a good place to start.

Leave a Reply