The Problem – How to tell whether an email is legitimate or fake / phishing

I’m often asked how to determine if an email is fake or, since the industry likes to dream up fancy names, a “phishing” email. The phishing emails we all receive these days look so real, and it is always possible that a given email is legitimate.

The Solution

In most cases, we can spot a fake email by hovering the mouse pointer over the links, without clicking on them, to see where the links are actually coded to go.

For example, the following image shows a phishing email that purports to be from Dropbox, with a link to download a PDF. Upon hovering over the link, WITHOUT clicking on it, a small bubble pops up showing where the link is actually coded to go, in this case an unrelated domain, x.co/rack288ce8. If you are using a browser-based email system, the bubble may not pop up next to the link as shown below; instead, the destination may appear in the status bar at the lower left of the window.

Image of Dropbox fake email


PS. This image also shows another indicator that the email is fake.  Can you spot it?  Contact us here if you’d like the answer.

PPS. This trick also works with PDF documents. Fake emails may have a non-malicious PDF file attached. However, when you open the PDF, it will contain a link or button that leads to a malicious site. Simply hover over the link to see where it’s actually going!