Darryl's Weblog

Tech in the real world

  • Home
  • About
  • Blog
  • More
Posts Comments
  • Hardware
    • Smart Phones
    • Tablet
  • Microsoft
    • Surface
  • Apple
    • iPad
  • Android
  • Cyanogenmod
  • Touchpad

Is that email really from your bank? Here’s how to tell.

January 23, 2012 2 Comments

I recently received an email from my bank that stated that they detected multiple attempts to access my account online. I was on my way home and read this email on my phone. For the entire ride home I was nervous. I wanted to pull over and call the bank right away.

The email went on to read “to reverse the pending charges please click here and complete the account verification information, if you do not provide this data in 24hrs we will proceed with the charges”. That’s when it hit me, why wouldn’t the bank just call me like the always do for matter such as this?

Normally if I receive an email like this I would view the source data of the email, look at the Sender and Return path data as well as the link destination and quickly determine if its fake, notify the banks fraud department and move on with life, but this message was very convincing and I could not view the source from my phone. I almost clicked on the link but that little voice in back of my head said, “dude you have 24hrs, wait till you get home and check it out.”

When I got home I examined the email and saw that it was fake, but it dawned on me, if a seasoned professional who sees this sort of thing all the time came so close to being caught, thousands of others probably clicked on that link. So here’s what to look for:

  1. First, the obvious, “Your bank’s fraud department would call you. They wouldn’t send an email”
  2. If there is a problem with your account, they wouldn’t need you to verify any information
  3. If the email has a number, look up it up on Google, if it doesn’t come up as belonging to your bank, don’t call it
  4. Call your bank (use the number on the back of your bank card) and tell them about the email
  5. View the source of the email. This isn’t something that most people know how to do, so I’ve included instructions below
Bottom line, don’t panic. Call your bank as soon as you can and always report incidents like this. All banks have a fraud department email address. You should forward this email to them so that they can inform others of this new scam.

How to view the source of the an email:

In GMail it’s very simple, right next to the Reply icon there is an arrow that points down for more options, click it and select “Show original”.

A new page will open up with a lot of code. Dont panic, you are just looking for a few lines near the top.

  1. Look for “Deliver-To:”, in a legit email it will have your email address, this is your first clue.
  2. Next look for “Return-Path:”, on a legit email the address would be the same as the senders address and it your has the banks domain ( _ _ _ _@bank.com) in the address.
  3. Lastly, look at the next line “Received: from.” This line should have the same domain at the end. In my example here you will see that it ends in “.yahoo.com”, it should have been from “_ _ _ _@bank.com”

 

In Outlook 2010:

With the email open, go to File then Properties

You might want to copy the “Internet headers” data into notepad and look for the same labels, “Deliver-To:”, “Return-Path:” and “Received: from.”

Again, don’t panic, don’t click on any links, call your bank and report the fraud attempt.

 

Other sources of information and reporting:

  • http://www.fbi.gov/scams-safety/e-scams
  • http://onguardonline.gov/articles/0002-common-online-scams
  • http://www.scambusters.org/email-scams.html
  • http://www.hoax-slayer.com/

 

Darryl J Baptiste

Filed under Internet, Security Tagged with account verification, fraud department, google

Categories

Recent Posts

  • Windows 10 Creators Update is coming soon
  • Was the Courier Project really killed off or did it transform into the Surface, OneNote and Windows 8?
  • Surface Pro 3 – They finally got it right
  • Xbox One Voice commands
  • CM9 Developers to all HP TouchPad owners – Surprise!

Archives

  • March 2017
  • August 2014
  • June 2014
  • March 2014
  • February 2012
  • January 2012
  • May 2010
  • April 2010
  • January 2009
  • November 2008
  • October 2008
  • September 2008

Blogroll

  • Darryl\’s Weblog
  • Garmin Nuifone
  • WordPress.com
  • WordPress.org

Meta

  • Register
  • Log in
  • WordPress
  • XHTML

Blog at WordPress.com.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
  • Follow Following
    • Darryl's Weblog
    • Already have a WordPress.com account? Log in now.
    • Darryl's Weblog
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...