NOTE:  The "fraud detection" alert is letting you know that the message may not be from who it says it is from.  It is letting you know that you should review the message a little closer to make sure it is valid before clicking any links or responding. 

Users may see more messages being flagged as failing fraud detection checks. The anti-spam service checks the headers of messages to verify the "From" field is the same as where the message originates.  These messages may also get flagged as spam and moved to the Junk Email folder -- see How Do I Manage Junk Email and Spam for more information. 

Examples of messages that may get the "fraud detection alert" -- using a 3rd party service to send a message "from" address, listserv messages, etc.

Spoofing is one of the common tactics of spammers.  Spammers are becoming more creative in their messages.  As a result many email domains are choosing to either block these messages more aggressively or to flag them for their users in hope that the user will stop and think or confirm a message before they click a link in the message.


For instance, if you use an outside vendor to send email with a From address of, the recipients may get the message. 

Possibly Fraud Sender Warning with text "This sender failed our frud detection checks and may not be who they appear to be..."
  This will appear at the top of their message.

Listserv lists also frequently get this message because the sender is using their email account as the From field, however, listserv lists will say From "" which the anti-spam service thinks is spoofing the From field. 

  • Jane sends a message to from  
  • Listserv asks Jane to confirm that she sent the message. 
  • Jane says yes/ok. 
  • Listserv sends Jane's message to the listserv on behalf of Jane.  
  • Jane's email gets delivered to her inbox and to the inbox of the other testlist subscribers.

Jane sees the failed fraud detection message because the email that she received has hidden information in it, referred to as message headers.  The message header shows the message originated from using an email server for  But the message header also shows that the listserv server sent the message from is not part of email servers so Jane's spoofing check says that the message failed the fraud detection test ( and do not match nor do they trust each other).  We were able to fix this error for listserv senders and recipients within the domain by our server admins making certain changes to allow it.  Unfortunately, for senders and recipients outside there is nothing that we can do to make this warning not happen.


For further information see:



Article number: 
Last updated: 
November 8, 2021