How to recognize an email scam or phishing attempt

Email scams, or phishing, aren't going to disappear any time soon. As much as we'd like to think that people we know aren't taken in by messages like the one in the screenshot above, chances are good that you know of someone who has taken the bait. It's easy enough to recognize a scammy email message if you know what to look for, so let's break it down. Take the jump and we'll dissect this message!

First, take a look at the sender. There are a few red flags here:
  • The sender's name reads Facebook
  • The sender's email address is not @facebook.com
  • The reply-to address is at a different domain than the sender (seinan-gu.ac.jp vs. mail.bg)
Now, let's check out the message body. Notice anything odd?
  • Does Facebook really run a lottery? We've never heard of one.
  • Would Facebook really give away 50 prizes of 1 million British pounds? That's about $77.5 million, and way more money than a non-gambling site on the Internet would ever give away.
  • Most lotteries are regional. I'm from Canada, so would I really be eligible for a lottery based in the U.K.?
  • Did I even enter a lottery?
Since this is supposed to be an official notice from a well-known company, you'd probably expect it to be well-written -- like any piece of business correspondence. Is that the case? No.
  • "might result to funds been returned unclaimed" is nowhere near proper English
  • "incharge" is not a word
So it looks like this message is already on shaky ground -- but why don't we do a quick search and see what we can find out about Bridget? As it turns out, "Facebook" has been notifying winners since at least October 2010. Bridget also has scores of email addresses, none of which are at facebook.com. If this were a real person and she did actually work at Facebook, she'd certainly have an email address like bridget.smith@facebook.com.

Scammers tend to re-use an email's message text over and over again, so copying all the text and pasting it into a Google search is a good way to find out whether or not you're being scammed. The message I received is all over the Web -- and frequently posted to sites which expose email scams.

Knowledge is your best defense against email scams and phishing attempts. By putting a critical eye to messages like this one, you'll have no trouble keeping yourself from getting caught in the phishing net!
