Detox-Comic

How to spot the fake emails known as phishing emails

Summary

How to spot phishing emails: fake emails designed to trick you into giving them your financial details.

Point but never click

So you have received an email supposedly from your bank asking you to login to your account and there is a link provided. Is that email really from your bank?

Well first off a rule to live by is to NEVER CLICK LINKS IN EMAILS. It's just too risky. What with phishing, computer viruses and adult content popping up without any warning. Not good. Especially if you are using someone elses computer.

So how can you tell if an email is not actually from your bank? The answer is in the email itself. With a little knowledge of how web pages are built you can learn just how easy it is to spot the fakes.

Every web page is part of a domain name. For instance www.mybank.com. So links should look something like this: www.mybank.com/customer/login.html. The bad guys know this so this is what they must fake in order to make you think that their link will take you to your bank's web site.

How do you fake a link?

The code that makes up a web page (called HTML) will let you display one web address on the screen while hiding the actual address under it. What you are looking at is the text label, what you click on is the actual address.

As an example here is a link that will take you to an article about phishing on this site, but as you can see it is telling you that it will take you to the articles page main menu:

http://www.detoxcomic.com/articles/articles.html

So how do you know what the real link is?

Easy. Point at it.

When you point at a link in a web browser it shows you what the real web address of that link is in the status bar, the bar at the bottom of the web browser (Note: if you can't see your status bar make sure it is turned on from the View menu).

Point at the link above and look at the status bar at the bottom of the page. You should see the real address which is http://www.detoxcomic.com/articles/phishing.html

You will find that over time that you will get used to pointing at links in potentially dodgy emails so that you can see the real web address of any links (Note: point but never click! Move your fingers away from the mouse buttons when pointing). The web address in a fake email is never a match for your bank's real web address. Some might be similar and some will be blatantly obvious that they don't belong to your bank. I had one link in an email pointing at a domain name that could only be described as a love for rubber toys!

Conclusion

So hopefully you now know another way of spotting fake emails. So next time you receive an email that looks so real that you are not quite sure, point at the links!

Please pass this information on to one anyone else that you might think will benefit from it. Hopefully we can help reduce the amount of people that are caught out by these phishing emails.

If you have any feedback regarding this article, or you have a suggestion for a new article, or just want to say thanks for the info then feel free to drop me an email at dave@detoxcomic.com.

Article date: 20th January 2011

Click here for more articles