How to tell if an email is fake: 5 tips to avoid scams and identify phishing attempts

Your email contains more personal data than you think, here's how to keep it safe.

For all the cybercrime threats online today, fake email remains a major problem. Often, malicious email is used to spread computer viruses and attempt to obtain your personal details. It is used by hackers, petty crooks and state-sponsored spies but there are easy ways to tell if an email is fake.

Here are IBTimes UK's top five tips to keeping your email safe from hackers.

Check the sender's information

When an email lands in your inbox, the first thing to do is check who it's from. Yes, it seems straightforward however it's vital to look behind the same and also check the email address / domain.

Hackers can spoof email addresses to appear similar to a legitimate account – be it your friend or lawyer. Ask yourself, would Sarah from the accounting department really request a copy of your banking information from S@rah@accountsx.net?

Be aware of all suspicious links

Malware-ridden links and attachments are still the main way to spread viruses with the click of a mouse. It's important to never click a link without first knowing that it is legitimate, which can be tested simply by hovering over it to see the destination.

Likewise, if you are sent an unsolicited attachment, think twice before opening. If you are unsure you can always contact the sender of the message to double check what you have received is real. Additionally, if hovering over the link does not show the destination then right click, copy link location and paste into a word document to see the result.

Check the grammar / tone of the email

Often the biggest giveaway from a fake email is the tone and grammar. If an email claims to be from your bank, it is highly unlikely to ever have typos, for example. Cybercriminals from around the world can now use free services such as Google Translate to circumvent this, however, if your suspicions are raised at all it's very likely to be a scam, trust your instincts.

Know what services will request your data

Some brazen cybercriminals will send emails disguised as a major service, such as a social media website or a bank. Being aware of what information such firms usually request will help you spot the fraudulent attempts. In short, no service responsible for handling your money is likely to request your personal data via email, even online services. That goes for banks, PayPal, Google, Amazon, Netflix and eBay, which are all popular services mimicked by scammers.

Be aware of phishing / spearphishing

The ultimate aim of fake email is often to re-direct you to another webpage which is used for phishing purposes. This often will take the form of a website that appears genuine but is set up in a way that will steal any credentials you insert.

For example, if you click a link that says you urgently need to update your Gmail password it may bring you to a hacked website that appears real, but once you insert your details it will be sent directly to the criminal, who can then log in to your account and pilfer what they like.

The best way to combat this is by checking the website's URL address or if the website's connection is secure. This is often symbolised by a golden padlock or the letters 'Https' in the top domain bar. Again, if in doubt, never put your personal information into a suspicious login form – no matter how genuine it seems.