Leave a comment

There are 5 ways to know this email is fake: How many can you spot?

Here at Komando.com, we're always telling you to watch out for fake emails, but spotting one can be tough sometimes. So today, we're going to show you a fake phishing email we just got and you get to see if you can spot the five reasons you should be suspicious.

Just to let you know, two of the reasons are going to be tough without having the real email in front of you. However, these are things you should look for in any email you get, and we'll tell you how later. That being said, here's the email.


From: "Amazon" <xxxxxxxxx>
Subject: We Have an issue with your account
Date: November 17, 2015 at 10:08:28 AM MST
To: xxxxxxxxx
Reply-To: xxxxxxxxx

Dear Amazon.com Customer,
During our usual security enhancement protocol, We observed multiple login attempt error while login in to your Amazon account .
We have believed that someone other than you is trying to access your account for security reasons,
We have temporarily suspend your account and your access to online Amazon and will be restricted if you fail to update

Ready to find out how you did? Keep reading for the answers. We'll start with the two hardest ones.

1. Email addresses

For privacy reasons, we had to redact the email addresses from the image; it appears this email was sent out from a hacked personal account. However, we can tell you that the From and Reply-to addresses were not Amazon addresses. While hackers can trick the "From" to give any name they want, if you hover your mouse cursor over the From name, or click on it, in most email services you'll see the actual address pop up after a few seconds.

In this case, the address was clearly a personal address. Even if the address did say "Amazon" in it, though, look for tricks like "amazon.something.com," or "amazon@something.com" where Amazon isn't the actual domain. Legitimate emails from Amazon will only end with "amazon.com".

2. Links

Again, you couldn't tell this from the example above, but the links in the email weren't to Amazon. Instead, the email's links were to a form page on a random server that didn't say Amazon anywhere in the URL.

If you had gone there, there would likely be a spot to enter your Amazon username and password. Typing it in would have given the hackers access to your Amazon account.

To spot this trick in other emails, hover your mouse cursor over the button or link. You'll see the real link pop up after a few seconds. You could also right-click on the link, copy it and then paste it into a text document to see where it would really send you.

3. Language

The hallmark of most phishing emails is the terrible use of the English language. Even in cases like this where the hackers take the time to get a template of a real Amazon email (although that security logo is an obvious addition), they still can't seem to write good copy.

While a company's official email might have the occasional misspelling or grammar gaffe, a standardized notification email like this should be perfect. Plus, this sentence alone would get any Amazon employee fired: "We have temporarily suspend your account and your access to online Amazon and will be restricted if you fail to update"

4. Instructions

Aside from how the email is constructed, pay close attention to what it asks you to do. It says that there was a security problem with your account and you need to click a button to log in. That's a classic phishing technique.

Any responsible company that's sending out an unsolicited security notification will tell you to go to its website home page and log in to your account from there. It might tell you to call customer service with any questions. It won't tell you to click a button or link, or download an attachment.

5. Fine print

Because this template was stolen from a real Amazon email, the fine print doesn't match up with the main body. Specifically, this line stands out: "Please note that product prices and availability are subject to change. Prices and availability were accurate at the time this newsletter was sent; however, they may differ from those you see when you visit Amazon.com." Obviously, this was a deal or product notification email the scammers used, not a security email.

So, how many of those problems did you spot? Would this email have fooled you if it showed up in your inbox? Let us know how you did in the comments, and if there was anything else that tipped you off that we didn't cover.

Want more practice spotting fake emails? Take this revealing quiz.

Next Story
View Comments ()
A dangerous virus is infecting police body cams
Previous Happening Now

A dangerous virus is infecting police body cams

Anonymous declares war on ISIS
Next Happening Now

Anonymous declares war on ISIS