How to Spot Fake Email Addresses - Article 3716

One of the best ways to defend against deception is to take a critical look at the internet address and/or e-mail address and evaluate it for authenticity.

Websites and the originating site of an e-mail usually have an address based on the domain name – for example .com, .gov,  or .edu. A list of common extensions is available in the article Understanding Web Site Names

Ask yourself whether the extension matches the purpose of the site. For instance, a governmental site or e-mail would typically end in .gov. If the domain name associated with the site or message is .com, be suspicious.

Sometimes, the site's name ends in a country code (e.g. .uk, ro, .ru or .ca). When you see this, judge whether it’s being used in the correct context. For example, would your local bank e-mail you from Romania or direct you to a website based there? It is unlikely they would.

Even when the site name seems plausible, watch for these other red flags:

Concealed web addresses – In web pages or e-mails, links might say one thing and link somewhere different.

Deceptive addresses – Scammers often create deceptive web addresses that resemble legitimate ones.

Forged e-mail addresses – In e-mails, the “From” address field is very easy to fake.

Understanding Web Site Names | Concealed Web Site Addresses | Deceptive Addresses | Forged Email Addresses

Info Center: