If you've received an email that looks a bit dubious, it's always best to check its authenticity. Here are three ways to tell if an email is real
Have you ever come across any email that looks like it's from a company, but it looked suspicious? There are plenty of ways that scammers use to spoof email addresses.
Here, we're going to cover a few ways you can identify authentic emails from fake ones.
1. Check the “From” Address
Often you'll find that fake emails that have a similar-looking “from” address to the original email addresses.
Take the example of Apple. If you receive an email from Apple, you will see that the email address is firstname.lastname@example.org. Scammers would use similar email addresses such as email@example.com to try and fool the recipient.
2. Check the “Reply To” Address
When you receive an email from someone, you typically reply to the same email address, unless otherwise instructed. When scammers send fake emails using someone else's email addresses, they don't have access to the victims' email accounts whose name they use.
If a scam email needs a reply from you, you'll see that the “Reply To” field has a different email address than the one that actually sent you the email.
Scammers use this technique to get replies by enticing you to read and respond to the emails they send using the names of reputed brands, companies, governmental organizations, and so on.
3. Check Email Headers
There are three major email security technologies used– SPF, DKIM, and DMARC. These technologies help the recipients of the emails check whether it is really from the recipient, or a scammer instead.
Most major websites and companies utilize these three security measures correctly, as it allows your mail client to detect and block fake emails. It's worth bearing in mind that some companies may not use these technologies or enforce them properly.
To check the security of an email, click the three dots in the top-right corner of any suspicious email and click on Show Original (or equivalent). Here, you'll be able to see each of the security checks and whether the email has passed or failed.
While the status can't definitively tell you whether or not an email's real, it definitely gives a good sign. If you see a fail or soft fail result, then you should probably take the email with a pinch of salt.