If you've received an email that looks a bit dubious, it's always best to check its authenticity. Here are three ways to know if an email is real.
Have you ever come across an email that appears to come from a company but looked suspicious? There are many ways that scammers use to forge email addresses.
Check if an email is real or fake
Here, we will cover some ways you can identify genuine emails from fake ones.
Check the "From" address
You will often find fake emails that have a "from" address that looks similar to the original email addresses.
Take Apple's example. If you receive an email from Apple, you will see that the email address is Scammers would use similar email addresses as if to try to deceive the recipient.
Another example is the way scammers type the name of reputed companies to scam the public. For example, they might misspell Microsoft by using an “r” and an “n” to make it look like an “m”.
Alternatively, scammers could use different blockers or spoofing software to show you the legitimate email address. In this case, it is much more difficult to determine whether the email is real or not. Telltale signs include any spelling errors in the email or suspicious-looking links.
Check the "Reply to" address
When you receive an email from someone, you usually reply to the same email address, unless otherwise stated. When scammers send fake emails using someone else's email addresses, they don't have access to the email accounts of the victims whose name they use.
If a scam email requires a response from you, you will see that the “Reply to” field has a different email address than the one that actually sent you the email.
Scammers use this technique to get responses by inviting you to read and reply to the emails they send using the names of reputable brands, companies, government organizations, and so on.
Check the email headers
There are three main email security technologies used: SPF, DKIM, and DMARC. These technologies help the recipients of the emails to verify if they really come from the recipient or instead from a scammer.
Most major websites and companies use these three security measures correctly, as it allows the mail client to detect and block fake emails. It is worth remembering that some companies may not use these technologies or apply them correctly.
To check the security of an email, click on the three dots in the upper right corner of any suspicious email and click on Show original (or equivalent). Here you will be able to see each of the security checks and whether or not the email passed.
While the state can't definitively tell you whether an email is real or not, it definitely gives a good sign. If you see a fail or soft fail result, you should probably take the email with a pinch of salt.
You may be wondering why your email doesn't automatically check and filter spam and fake emails with so many checks, firewalls and security levels available. The answer to this question is that of the 140 million domains recently checked in an SPF survey, 80% had no SPF records, which are the bare minimum for security.
Without SPF records, there is no way for your email account to accurately filter spam messages. That's why you sometimes find important emails in the Junk folder and the odd spam emails in the Inbox.
No single test or sign can tell you for sure that an email is genuine or suspicious. You may need to run multiple tests to figure out if an email is genuine or not.