One easy way to help spot fake e-mail messages is to learn the meaning of Top-Level Domains (TLD) -- those three-letter extensions at the end of a web link or e-mail address. If the extension doesn't seem to correspond with the type of company or organization it should be representing, exercise caution.

Here's an example: most university websites will end in .edu, for education (e.g. If you were being directed to the link uiowa.COM -- an extension intended for commercial uses -- that could be a red flag.

The following are commonly used TLDs:

.gov - *Restricted for government use. Note that .gov is the only restricted extension; all the others listed are intended for a purpose, but that doesn’t mean they cannot be used for other unrelated purposes.

.edu - Intended for educational use

.org - Intended for individual or organizational use

.com - Note that is the equivalent of .com in the United Kingdom. Intended for commercial use 

.net - Intended only to be used by network providers

.biz - Intended to be used by businesses

.info - Intended for informative websites

Country codes: .bz (Belize), .ca (Canada), .cn (China), .de (Germany), .es (Spain), .fi (Finland), .fr (France), .is (Iceland), .it (Italy), .kr (South Korea), .mx (Mexico), .nl (Netherlands), .ro (Romania), .ru (Russia), .to (Tonga), .uk (United Kingdom), .us (United States) Come across a country code not listed here? Look it up in a search engine of your choice (e.g. Google or Yahoo).

How to Spot Fake Email AddressesForged Email Addresses

Article number: 
Last updated: 
September 27, 2017