Four simple clues that an email should be deleted. Among the bogus coronavirus emails was something new to us and apparently the anti-spam filters that should have detected it. We’ll use the dangerous email as an example of what to look for in a scam or virus-infected email.
The email is supposed to be an ‘IKEA Quick Survey’ with the chance to win a gift card.
It’s obvious to us that it’s a fraud, how did we know?
Company doesn’t ‘know’ me
The supposed sending company doesn’t have my email details. Ikea doesn’t have my email address. It could be a ‘cold email’ from a purchased email list but that’s less likely.
This alone is a quick clue. For example, emails from banks you’ve never had an account with.
Wrong sender domain
A dead giveaway, look at the domain name in the senders address.
Any legitimate email would come from the company’s main domain name.
The domain name showing could be owned by the criminals or ‘borrowed’ from a legitimate business.
The email summary line makes little sense.
It’s Swedish for “Make sure your home always looks beautiful.” The real Ikea would not put that in an English language email.
The foreign text might be a mistake by the scammer or a trick to fool anti-spam filters.
All the clickable links use a domain with no connection to the real company.
Always hover over the link in an email to make sure it matches the real company.
Some legitimate emails do have links via third-party services but they should not. Any properly run email marketing has links using the common domain name of the company (that’s what Office-Watch.com itself does).
The bottom of the email has some wording to make it look more legitimate but it’s more trickery.
The report and unsubscribe links don’t do anything except tell the scammer that you’re foolish enough to click a link.
Don’t click on the links
Sure, it’s tempting to click on a link in a scam email, just to see what happens. DON’T DO IT.
That includes any ‘Unsubscribe’ link at the top of the email and put there by your email program.
The links in these scam emails are usually personalized to the email address sent to. Even if the web site is harmless, the scammer knows you’re a likely target and will send more and cleverer emails to that address.
.DOC .XLS .PPT attachments – Beware
Not in this nasty email but a common trick is sending bad Office documents using the older formats; .DOC .XLS .PPT and similar three letter extensions. If any email or message attachment arrives with these older document formats, treat with great suspicion. In most cases, delete the message. If it might be from a real sender, ask them to resend in a safe, modern format.
Any legitimate sender should be sending modern .DOCX .XLSX or .PPTX Office documents which can’t include macros.
There are other, more technical, clues, but the five above should be enough to identify any messages that get through to you.