How to Spot an Illegitimate E-mail

Chances are you have received e-mail to request that you update your e-mail, bank or credit card account; to purchase a deal that just too good to be true (and undoubtedly is); or to notify you that there’s a problem with the UPS, Fed Ex, or USPS package that you never sent. These seemingly different messages could have some nefarious goals in common. They usually do not come from the senders you think they do, and the links that the messages contain seek to grab your personal information or to infect your computers. So how can you tell the legitimate messages from the illegitimate ones? How do you know when to press delete and not give it a second thought? There are several telltale signs.

First look for misspellings in the messages. A message that produces many spelling and grammar mistakes is probably not from a reliable source. The reliable sources–the ones who really want your business and your repeat business–are going to try their best to produce an exceptional product. This includes their customer service which includes e-mail communication.

Next, look at the links, but don’t click on them. Notice the sender’s address in the from field. Is the sender from a .com, .net., .edu domain? Does this domain match the real organization’s domain name? Reputable businesses usually have a clearly defined domain name for their web presence (e.g., If someone at the University of Delaware writes to you, and they use their UDelNet ID, they will have an e-mail address that contains Also, notice the links throughout the messages. If addresses are hidden, use your mouse to hover over the links but don’t click. Sometimes, depending on the browser settings, you can see the actual link appear in the bottom left of your browser when you mouse over it. Some phishing messages may use a different domain that what you are used to for that company or institution. For example, if you receive an e-mail from someone,, or, it’s not legitimate. Want to do a quick check for the real domain owned by an organization? Open a browser such as Firefox and Internet Explorer and go to Google to search for the organization that supposedly sent you mail. You can see from the search results the domain name the organization really owns. With the ultimate goal to get your personal information or to infect your computer, spammers or phishers may have a new address every day or every hour to bypass your spam filters and to make themselves somewhat untraceable. Infected computers could allow hackers access to your computer and all information on it through the malware downloaded by a click of a link.

Another step is to look at the purpose of the message. For security reasons, your bank or the University are not going to ask you to update personal information via e-mail. Also, think about your past actions. For example, if you did send a package by UPS recently, and received an e-mail message regarding delivery problems, you can write or call UPS or the recipient to verify. But don’t click on the links in the message.

Finally, if in doubt, call and report. You can always call or write to the organization reportedly sending you a message, or you can write to OET, to verify if it’s legitimate.

These are all good steps to take. Never trust any one of these steps alone. We all have bad days when we misspell words or make grammatical mistakes, for example. In combination though, these steps give you the ability to see what is good from bad, to separate the wheat from the chaff, and to confidently click delete when necessary.

This entry was posted in Best practices, E-mail, Phishing, Security.