How to Detect Email Address Fraud

Every day, 111 billion emails are sent, and many of them are fake or from spoofed email addresses. Knowing how to detect email address fraud can help you avoid falling victim to cybercriminals.

In general, email address fraud involves using a stolen or hacked password to impersonate someone and ask for money or personal information. The attackers often make a request that seems urgent or confidential, such as asking you to reset a password or change your payment details. Other common requests include a wire transfer or entering payment details in a website form. These types of attacks are called business email compromise (BEC) or email account compromise (EAC).

How to Spot a Fake Email Address

There are several indicators that an email is likely a scam. The most obvious is if the email address doesn’t match the sender’s display name. In Gmail, this can be checked by hovering the mouse over the email or selecting the dropdown arrow next to the sender’s name. If the reply-to address is different from the sender’s email address, that’s another red flag.

Another red flag is when the email contains spelling or grammar mistakes. A misspelled word or two is normal, but multiple errors should be a warning. Also, if a link is provided in the email, hover the cursor over it to see the real URL before clicking on it. Legitimate links will usually open in a new browser tab or window, but scammers may use deceptive links that redirect to phishing sites or download malware onto your device.
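
The header and link checks described above can also be run automatically over a raw message. The following Python sketch is an added example, not part of the original article; the sample message, its domains and the flag names are constructed for illustration, and it assumes a single-part HTML body.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every name and domain here is made up.
SAMPLE = """\
From: "support@examplebank.test" <billing@mail-examplebank.test>
Reply-To: payments@other-domain.test
Content-Type: text/html; charset="utf-8"

<p>Confirm at <a href="http://login.unrelated.test/reset">https://www.examplebank.test/reset</a></p>
"""

class LinkAudit(HTMLParser):
    """Record links whose visible URL names a different host than the href."""
    def __init__(self):
        super().__init__()
        self.href, self.text, self.mismatches = None, "", []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            shown = urlparse(self.text.strip()).hostname
            real = urlparse(self.href).hostname
            if shown and real and shown != real:
                self.mismatches.append((shown, real))
            self.href = None

def audit(raw):
    """Return the red flags from the article that apply to one raw message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    flags = []
    # Display name contains an address that is not the real sender address.
    if "@" in name and addr.lower() not in name.lower():
        flags.append("display-name-address-mismatch")
    # Replies would go to a different domain than the sender's.
    reply = parseaddr(msg.get("Reply-To", ""))[1]
    if reply and reply.rpartition("@")[2].lower() != addr.rpartition("@")[2].lower():
        flags.append("reply-to-domain-mismatch")
    links = LinkAudit()
    links.feed(msg.get_payload())  # assumes a single-part HTML body
    if links.mismatches:
        flags.append("link-text-href-mismatch")
    return flags
```

A flagged message is a candidate for closer review rather than proof of fraud, since mailing lists and help desks legitimately set a different reply-to address.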