Evaluating E-mail messages - Scam or no scam

Evaluating E-mail messages - Scam or no scam

Questions to ask yourself

The standard sniff tests on evaluating E-mail attachments or links are (more than 2 below and it's probably phishing/scam):
  1. Were you expecting it?
  2. Do you know the person? (Just recognizing the persons name doesn't automatically make the message safe, viruses are sent with name of people you know)
  3. Does it make sense you'd be getting this?
  4. Does the content of the message (file or URL) jive with the rest of the message?
  5. From:, Replyto:, sending server etc. Are there anomalies?
  6. Is the language/spelling have the proper syntax (does it look like it's written by someone that doesn't speak English as their first language)?
  7. Research extra info of the message (Address make sense, call phone numbers etc)

If you wanted to investigate a little further in other cases, you can do a virus scan online using many virus scanners:
  1. Save the pdf to your computer without opening it (or viewing in explorer with the preview pane enabled)
  2. Goto www.virustotal.com and upload/scan the file.
Note that handling virus files are safe to save/cut/copy/paste/move around and handle (and just doing that will make your Antivirus scan the file automatically). You get in trouble when you open/view/preview/etc it with a program/application/windows preview function etc.



Example



In this case the warning signs are:
  1. juno.com is an old ISP/E-mail system, infrequently used on a regular basis
  2. You don't know the person
  3. Could go either way on the language composition
  4. Googling the address shows it's a residential house not a business: https://www.google.com/maps/place/9236+Avers+Ave,+Evanston,+IL
  5. Why is a business using Juno?
  6. Rhetta Perkins doesn't appear in a google search, Primus LLC doesn't seem to be in that location/state
  7. Google search of the phone number doesn't show anything that matches other info (it's a mobile phone)
  8. Virustotal reports: https://www.virustotal.com/en/file/692dd86f1bd1f699c2d382eb8bfca7cf26f34621ca3248e620288fec762200f3/analysis/
I give this example high probability that it's a scam.

Checking the E-mail header information results in even more mismatching information:




    • Related Articles

    • Understand the E-mail "Read Receipt" or "Return Receipts" requests

      These are the basic rules of the "Read Receipt" or "Return Receipts" on E-mail messages. It's generated by the E-mail client on the receivers end (not the E-mail server) It is a optional request we make of the receiver who can usually choose to ...
    • David's 3 Rules to Staying Safe on a Computer

      Here's David Troesch’s 3 rules of staying safe on a computer. It's my attempt at distilling my 25+ years of experience and knowledge down into some simple rules to live by in the digital realm.  Rule Number 1: Keep all software patched and up to date ...
    • New Remote Support Logo

      I've updated the logo associated with my remote support tool that's installed on your computer. You'll find it in the systray (bottom right corner of the screen by the clock (sometimes it's hidden in the up arrow). Old New You can also use this to ...
    • Addressing E-mails: To, CC, and BCC defined

      When sending E-mail's always remember what each field is for, and the results. If you're mass-mailing groups of people, never use TO or CC, always use BCC. To: Primary person or persons you're sending the E-mail to.  Visible to everyone that receives ...
    • The 5 Passwords of life - Keeping your Digital Persona secure and avoiding Identity Theft in the modern day

      3 simple steps to securing your digital identity STEP 1 You should have at the most 5 passwords to remember. Each password is different, and those passwords are never used anywhere else (#5 can be stored in your password manager if you don't check ...