Dissecting a spam email

There are in excess of 100 billion spam email messages sent every day. Even with the best email filters, some of it is bound to end up in your inbox.

The “Your Mailbox is Almost Full” email – Ever received an email from “IT Support” that states your email account is over limit? In the email image below, I’ve pointed out three places to look for to see if this email is legitimate or not.

First, I look to the “to field”. My name and email address are not in the to field. In fact, no email address is listed in the to field. This leads me to believe that I was BCC (blind carbon copied) on the email along with many others.

Second, I look to the from name and email address. The email address is not one that I recognize. The URL is not known to me and neither is the person’s name. I also happen to know that we don’t contract with a company called ICT, so there is really no reason they would be sending me a support email.

And third, when I hover over the link in the email (Clean-up system) I see the URL is questionable and built on a free site that was likely put up just for this scam. Now, I didn’t click on the link, so I don’t know what is on that site, however, I can guess at what I would find. It would likely ask for my username and password at which time they would have all the info they need to hack into my email account. If you’ve heard of Panama Papers, you’re well aware of the damage that a hacked email account can do.

So what should you do when you get an email like this? Delete it. If you aren’t sure whether it is legitimate or not, forward it (or a screen shot of it) to your actual IT person to have them verify the contents of the email.