Announcements and Miscellaneous

How do I identify spam and phishing emails?

100% helpful (2/2)
‎20-09-2018 09:12 AM

Learn to Spot Scams and Spam ......Look for something JUST NOT QUITE RIGHT!


Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company asking you to provide sensitive information or click on a link. Some phishing messages are an obvious fraud, others can be a bit more convincing. So how do you tell the difference between a real message and a phishing message. There is not one single technique but here are some hints.

 

1. The message contains a mismatched URL e.g. actual email address does not match name displayed

 

One of the first things you should check is whether the URL (eg. link to website or email address) actually matches the name displayed.


When you hover your mouse over the link or email address if it is different to the address that you can see, the message is probably fraudulent or malicious. For example, if you hover over a display sender name like “Stay Smart Online” it should appear as StaySmartOnline@ag.gov.au, not something like StaySmartOnline123445656@123.com.


2. URLs contain a misleading domain name e.g. microsoft.com.maliciousdomain.com

 

Criminals who launch phishing campaigns often depend on people either - not checking a link before they click or not understanding how a domain name is structured. For example a Microsoft webpage would always have microsoft.com at the end. For example

 

info.microsoft.com This could be OK
info.microsft.com.micosoft.com This is NOT OK (note the missing letters)


3. The message contains poor spelling and grammar


If a company sends out a message, it is usually reviewed for spelling, grammar, and legality etc. So if a message is filled with poor grammar or spelling mistakes, it probably did not come from them!


4. The message asks for personal information

 

No matter how official an email message might look, it's always a bad sign if the message asks for personal information. Your bank does not need you to send it your account number. It already knows it! Also, a company should never send an email asking for your password or credit card number.

 

5. The offer seems too good to be true


If the offer seems too good to be true - it probably is. If you receive a message from someone unknown to you making big promises e.g. you have won tattslotto - when you did not buy a ticket - the message is probably a scam.


6. You did not initiate the action

 

You get an email saying you won a car but you never entered a competition to win a car. If you get a message like this you can probably bet it is a scam.


7. You are asked to send money to cover expenses

 

A telltale sign of a phishing email is that you are asked for money - even if it is not in the first email.

 

8. The message makes unrealistic threats

 

If a message makes unrealistic threats it is probably a scam. An example of a threat message is - your bank emailing you saying that if you do not submit a form plus ID your account will be cancelled and assets seized.

 

9. The message appears to be from an official source e.g. government department

 

Official sources do not use email as their first form of contact. It will most probably be a scam.

 

10. Something just does not look right

 

Casino security teams are taught to look for anything that is JDLR - just doesn't look right! If it looks off, it probably is! This also applies to email messages. If you receive a message that seems suspicious, it's usually in your best interests to avoid acting on the message. Do not click on links, download files or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender.

Was this article helpful?

Version history
Revision #:
3 of 3
Last update:
‎20-09-2018 09:12 AM
Updated by: