How to Tell If an Email Has Been Spoofed

No matter how careful you are, it seems like you can’t escape email spam. With scam websites selling email addresses in bulk, chances are high that yours has already made its way onto a few dozen lists. That means you’re likely going to get sent automated messages on a regular basis.

There are ways to escape this fate, including using temporary emails for when you need to sign up for random accounts and sending email anonymously to help keep your actual email address safe. Of course, if you’ve become the target of an individual scam artist who has taken over your address at random, you can find yourself in a spot of trouble. If you’re worried that someone is trying to scam you with a spoofed email address, here’s how to find out.

Check Credentials

If you receive suspicious emails from banks, online vendors, friends, or online payment services, you should always look at the credentials. Official emails will almost always include a paragraph or two that show the company’s address and contact information.

Hover over the links in the contact section and check the bottom of your browser to see what type of addresses they redirect you to.

Another trick you can use is to try and match the sender name to the contact address. If, for example, you got an email that seems to be from PayPal but you’re not sure, check the customer service link. If the department’s email address doesn’t end in “@PayPal.com” or “@PayPal.co.uk” or something along those lines, chances are that the email address was spoofed.

Check for Spelling Mistakes

Poor grammar and poor choice of words are telltale signs that an email address may have been spoofed. Before dismissing an email that looks suspicious or clicking on some seemingly interesting links someone sends you, take your time and read everything carefully.

If the spelling seems off but the topic of the email was made to look official, the email is most likely a scam aimed at stealing your personal information or infecting your computer with malware.

Language

Sometimes scammers put a lot of effort into writing these emails, but language can still be a dead giveaway. Say you’ve gotten an email from a longtime friend or former colleague, but the tone and content of the message seem a bit off.

Check for familiar expressions, slang, and shorthands before clicking on any links, downloading any attachments, or replying with the requested information. The grammar may be perfect and the spelling may be OK. However, if the language is too formal or too informal for the sender, this too could be a hint that you’re dealing with a spoofed email address.

Personal Information Requests

Companies that offer services over the internet typically don’t ask for personal information via email. Instead, they use encrypted, password-locked pages and forms to ensure that the information you enter cannot be intercepted by hackers.

If you’ve received an email that reads official, has a believable sender, but asks for personal information such as passwords, usernames, credit card information, and so on, you are likely the target of an attempted online scam.

How to Pull Up Header Information

Most of the time, reading the email header should give you a definitive answer as to whether an email has been spoofed or not.

If you’re using Gmail, click the three-dot icon or “down arrow” next to the reply button. One of the options listed should be “Show original”.

Clicking on this option should open a new tab, where you’ll see a lot of text and code that may be incomprehensible if you have no coding knowledge.

In that wall of text, there are three fields you have to look for:

1. Received
2. Received-SPF
3. Return Path

If the return path doesn’t match the sender, the email could’ve been spoofed. Furthermore, if there are different email addresses in the Received, Received-SPF, and the sender’s name, you may be dealing with a spoofed email address.

How to Check Header Information in Other Mail Apps

1. Outlook

If you’re using Outlook, you can check the header information by selecting View > Options. In Outlook Express, the equivalent action can be initiated from Properties > Details.

2. Yahoo

Yahoo! Mail users can select the Full Headers option to display more information about the sender address.

3. Apple Mail

If you’re using Apple’s mail app, you can open the email, select “View”, and then “Message”. The option “All Headers” should be available. Alternatively, you can just press Shift + Command + H while viewing the suspicious email.

Beware of Spam

Generally speaking, email providers do a good job of filtering out spam emails and sending them to your spam or bulk folders. However, this doesn’t mean that the occasional scam mail doesn’t slip through the cracks.

The more you use your email address to register to various websites or forums, the likelier you are to receive spam email from spoofed email addresses. As with anything else on the internet, if the content of an email you receive seems too good to be true, you should double-check the sender information before clicking on any links or downloading any attachments.