tip : 6 obvious ways to spot a phishing eMail

Not all phishing* attempts are easy to spot, but today I came across one that has some very obvious examples of what to beware of :

* FYI : phishing = an attempt to lure you into giving some unreliable source your private info of your credit card and/or bank account (internet criminals are ‘fishing’ for your secure info this way…)

1- OSX Mail.app has indicated it thinks this is “Junk Mail”

(though Mail.app isn’t 100% reliable on its suggestions of Junk Mail, it’s a good indication you should have a thorough second look)

2- the sender of the eMail is not sending from a reliable and/or known eMail address

a “.ORG”-eMail address will 100% not be something used by a bank

3- you are not the sole recipient of this eMail and/or your personal eMail address is not listed

if this were such strictly confidential info as is claimed, why would any bank send it to anyone else but you personally ? (furthermore : banks do not contact you on things like this though eMail, because of security reasons…)

4- you are not personally addressed in the text of the eMail, and neither is it indicated what the payment was for and to whom it would have been made

if this where an eMail form your bank or payment service to inform you on anything personal, why wouldn’t they inform you what it’s about straight away ?

5- the weblink-URL that’s included does not link to the website that is listed in its name, but to some completely different website

if you do a mouse-over on the URL in the eMail, a completely different URL is appears in a yellow highlighted line – now that’s about the best indication you could get that you’re being mislead !

6- if you lookup the actual domain that this eMail was sent from and is (re)directing to in WhoIs?, it gives registrant info that does not seem like any bank of payment service you know (especially the fact that it was created just a few days ago makes this extremely suspicious)

you can find info on the registrant of any website on WhoIs? :


try that with the domain used in this example and you’ll see info that is really suspicious :

A- a registrant eMail address that is on Hotmail…

B- a registrant street address that can not be found in Google Maps…

C- a registration creation date that is just a few days ago…


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.