Something is Phishy?

What are they trying to get?

We all get them someone sending an email that looks official or at least close trying to obtain login info, SSN etc. Most of us int he industry know what to look for but for some it may not be clear what to look for. There are some simple ways to validate if it gets past your spam engine.

macOS Mail

This example is for Appel Mail in macOS. This can be applied in theory for other mail apps for other OS’s and even iOS and Android. In the email app select the email and go to the top menu bar and Select View > Messages > All Headers. See screenshot below:

You can also look at raw source for details or if you just want a quick check you can click on the recipients email and you will see the address it is going to in this case “terba-w33@mail.com” nice try right?

Notice the email its doming from that is not Apples domain i.e. apple.com, icloud.com, etc.

Also companies won’t do this, they would send an email notifying theres an issue and to go to that companies website for more info. They will not provide a link to login this is where they get the information, for example:

See the “Verify your identity” companies don’t do this.

Most of time the grammar and spelling is just off. Remember, these go by legal if it’s something important so this stuff usually doesn’t make it to an approved state.

What can you do?

The best remedy is to setup your junk folder its not foolproof but it helps. I use SpamSieve it learns whats bad from your tagging whats good and bad. It also has intelligence so it will pick up patterns. Its for Macs and works really well: https://c-command.com/spamsieve/.