Five simple clues that an email is dangerous

Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

Four simple clues that an email should be deleted. Among the bogus coronavirus emails was something new to us and apparently the anti-spam filters that should have detected it. We’ll use the dangerous email as an example of what to look for in a scam or virus-infected email.

The email is supposed to be an ‘IKEA Quick Survey’ with the chance to win a gift card.

It’s obvious to us that it’s a fraud, how did we know?

four simple clues that an email is dangerous microsoft outlook 35835 - Five simple clues that an email is dangerous

Company doesn’t ‘know’ me

The supposed sending company doesn’t have my email details.  Ikea doesn’t have my email address. It could be a ‘cold email’ from a purchased email list but that’s less likely.

This alone is a quick clue.  For example, emails from banks you’ve never had an account with.

Wrong sender domain

A dead giveaway, look at the domain name in the senders address.

four simple clues that an email is dangerous microsoft outlook 35836 - Five simple clues that an email is dangerous

 

Any legitimate email would come from the company’s main domain name.

The domain name showing could be owned by the criminals or ‘borrowed’ from a legitimate business.

Summary line

The email summary line makes little sense.

four simple clues that an email is dangerous microsoft outlook 35837 - Five simple clues that an email is dangerous

It’s Swedish for “Make sure your home always looks beautiful.” The real Ikea would not put that in an English language email.

The foreign text might be a mistake by the scammer or a trick to fool anti-spam filters.

Wrong links

All the clickable links use a domain with no connection to the real company.

four simple clues that an email is dangerous microsoft outlook 35838 - Five simple clues that an email is dangerous

Always hover over the link in an email to make sure it matches the real company.

Some legitimate emails do have links via third-party services but they should not.  Any properly run email marketing has links using the common domain name of the company (that’s what Office-Watch.com itself does).

The bottom of the email has some wording to make it look more legitimate but it’s more trickery.

four simple clues that an email is dangerous microsoft outlook 35839 - Five simple clues that an email is dangerous

The report and unsubscribe links don’t do anything except tell the scammer that you’re foolish enough to click a link.

Don’t click on the links

Sure, it’s tempting to click on a link in a scam email, just to see what happens. DON’T DO IT.

That includes any ‘Unsubscribe’ link at the top of the email and put there by your email program.

The links in these scam emails are usually personalized to the email address sent to.  Even if the web site is harmless, the scammer knows you’re a likely target and will send more and cleverer emails to that address.

.DOC .XLS .PPT attachments – Beware

Not in this nasty email but a common trick is sending bad Office documents using the older formats; .DOC .XLS .PPT and similar three letter extensions. If any email or message attachment arrives with these older document formats, treat with great suspicion. In most cases, delete the message.  If it might be from a real sender, ask them to resend in a safe, modern format.

Why Old Office documents should be banned

Any legitimate sender should be sending modern .DOCX .XLSX or .PPTX Office documents which can’t include macros.

Other clues

There are other, more technical, clues, but the five above should be enough to identify any messages that get through to you.

Automatically marking Office Watch etc as ‘not spam’ at your mail host

A risk of spam filters – you might miss a real prize!

Outlook spam filter being allowed to die

 

subs profile e1563205311409 - Five simple clues that an email is dangerous
Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address