Is that email really from your bank? Here’s how to tell.

I recently received an email from my bank that stated that they detected multiple attempts to access my account online. I was on my way home and read this email on my phone. For the entire ride home I was nervous. I wanted to pull over and call the bank right away.

The email went on to read “to reverse the pending charges please click here and complete the account verification information, if you do not provide this data in 24hrs we will proceed with the charges”. That’s when it hit me, why wouldn’t the bank just call me like the always do for matter such as this?

Normally if I receive an email like this I would view the source data of the email, look at the Sender and Return path data as well as the link destination and quickly determine if its fake, notify the banks fraud department and move on with life, but this message was very convincing and I could not view the source from my phone. I almost clicked on the link but that little voice in back of my head said, “dude you have 24hrs, wait till you get home and check it out.”

When I got home I examined the email and saw that it was fake, but it dawned on me, if a seasoned professional who sees this sort of thing all the time came so close to being caught, thousands of others probably clicked on that link. So here’s what to look for:

1. First, the obvious, “Your bank’s fraud department would call you. They wouldn’t send an email”
2. If there is a problem with your account, they wouldn’t need you to verify any information
3. If the email has a number, look up it up on Google, if it doesn’t come up as belonging to your bank, don’t call it
4. Call your bank (use the number on the back of your bank card) and tell them about the email
5. View the source of the email. This isn’t something that most people know how to do, so I’ve included instructions below

How to view the source of the an email:

In GMail it’s very simple, right next to the Reply icon there is an arrow that points down for more options, click it and select “Show original”.

A new page will open up with a lot of code. Dont panic, you are just looking for a few lines near the top.

1. Look for “Deliver-To:”, in a legit email it will have your email address, this is your first clue.
2. Next look for “Return-Path:”, on a legit email the address would be the same as the senders address and it your has the banks domain ( _ _ _ _@bank.com) in the address.
3. Lastly, look at the next line “Received: from.” This line should have the same domain at the end. In my example here you will see that it ends in “.yahoo.com”, it should have been from “_ _ _ _@bank.com”

In Outlook 2010:

With the email open, go to File then Properties

You might want to copy the “Internet headers” data into notepad and look for the same labels, “Deliver-To:”, “Return-Path:” and “Received: from.”

Again, don’t panic, don’t click on any links, call your bank and report the fraud attempt.

Other sources of information and reporting:

• http://www.fbi.gov/scams-safety/e-scams
• http://onguardonline.gov/articles/0002-common-online-scams
• http://www.scambusters.org/email-scams.html
• http://www.hoax-slayer.com/