Spotting bogus emails
Last updated January 2018
Email has its origins in US military and academic institutions of the 1970s. The network was
private, and its users were known and trusted, so it didn’t need to be too secure. Its creators
could hardly have predicted that this simple system would survive largely unchanged into the
21st century and become an essential part of our lives.
Simplicity, openness, and the fact that it’s free are some of email’s greatest strengths, but
they also leave it open to abuse. We’ve all faced the challenge of trying to tell whether a
message is genuine, knowing that a bogus message could lead to identity theft, financial loss,
or damage to our computer. With a little knowledge, you can protect yourself well from these
In the past, poor software design meant it was advisable to not even open suspect
messages. This has been fixed. Nowadays, opening any email is generally safe.
Instead, the dangers lie in:
- Opening a malicious attachment
- Clicking a link to a bogus website
- Replying with private information
Check the From address
A simple email comprises a To and From address, subject and body. It’s easy to spoof the From
address; in other words, anyone can send a message purporting to be from any address. So bear in
mind that, for example, a message from firstname.lastname@example.org may not really be from BT.
This might sound like an unforgivable shortcoming, but consider that the postal
service is the same: I can write to you and put someone else’s address on the back of the
The good news is that many bogus email senders don’t spoof the From address, or spoof it to
something that’s a blatant giveaway that the message is bogus.
This is perhaps thanks to the increasing adoption of systems that designate
certain servers as the authorised email senders for certain domains. Modern providers like Gmail
and Hotmail use this information to identify spoofed From addresses and mark messages as spam.
So if you suspect a message is bogus, check its From address. If for example the
message is about your Amazon account, but the From address doesn’t end in something like
@amazon.co.uk, alarm bells should ring.
Unfortunately a lot of email software now hides the From address to begin with, instead showing
just the sender name. The sender name is useless because bogus messages almost always spoof it
(e.g. ‘Barclays helpdesk’). So ignore the sender name, and learn how to reveal the From address
in your email software. Often, you do it by hovering over or clicking the sender name.
Check the destination of links
To achieve its aim, a bogus email might for example tell you that someone has hacked into your
Facebook account, and have a link saying ‘click here to change your password’. You needn’t
take chances with these links.
- On a phone or tablet, press and hold your finger on a link to reveal its address.
- On a computer, rest the mouse cursor over a link – without clicking – to reveal the address to
which it leads. This may appear in the bottom-left of the window.
In Safari on Mac, you need to click View > Show Status Bar to enable
I have a separate guide to interpreting Internet addresses.
Check for bad spelling or grammar
A common sign that a message is bogus is bad spelling or grammar. In the heat of the moment it
may be easy to miss, but it’s often the most obvious clue, so take your time. For example:
- Apple is unlikely to write its name without a capital letter in an official email
- Yahoo isn’t written Yah00 (see the zeroes instead of letters at the end?)
My customers often forward me suspect messages, asking if they’re bogus. Of those
that are, almost all contain simple giveaways like this.
Of course, a genuine sender may make a spelling mistake, and conversely, a scammer may write
perfect English! So there’s no definitive rule here.
I’m a computer technician and tutor serving North Oxford, Kidlington, Woodstock and the
surrounding villages. Visit my home page to find out more and get in touch.