How to tell a fake email from real

With Cryptolocker and its clones still infecting businesses, the best way to thwart hackers and scammers is to be aware and alert.  Email used to be a relative safehaven but with the advent of these ransomware products, email has turned into a hostile environment.  So how do you tell what is a legitimate email and what isn't?  Here are 4 tips to help you prevent getting infected:

1. Always be suspicious of unsolicited email.

The internet is a hostile place and scammers are looking to take advantage of people's trusting nature.  Expecting your antivirus and/or antispam product to remove all malicious email is a fools paradise.  Your antispam or antivirus product is probably removing most infected email so the fact something made it through lulls you into a false sense of securtiy.  Always have your shields up and trust no one.

2. Check that email address is from a legitimate source.

For example, the a recent AGL bill email I received had what appeared to be the AGL Energy billing department as the sender.  You would expect AGL to have the website agl.com.au or something similar, but if you look at the email address from which I received the bill, it actually came from an Italian company, not AGL!

3. If you are invited to click on a link within the email, make sure it is from a legitimate source.

If you hover your mouse over the link you will see the address it will take you to.  If it is an unexpected address, do not click on the link.  In this case shown below, I would expect to see the link go to agl.com.au, instead it will send me to alterfiction.com.  What is alterfiction.com?  Probably a crypto ransomware.  Hackers can be very crafty when it comes to disguising their links within email often changing a single letter in the domain name.  For example, amazon.com could become amezon.com and you may not even notice the difference until it's too late.  The rule of thumb is NEVER click a link or open an attachment in an unsolicited email.  And I mean NEVER!!  If you have a bill due for payment and you received this information via an email, do not click the link or open the attachment.  Instead visit the website manually to check the status of your bill/account.  Going to the website and checking manually is a pain but it is far less painful than having to recover from a crytpo ransomware attack.

4. If in doubt, chuck it out.  Press the delete key and avoid being hacked!

We hope these simple tips help you manage your email better and allow you to make the correct decision when deciding whether to click on a link in an email.