Always check the sender email address to ensure it is somebody legit. This is the first step to protect yourself against hackers. How exactly should you check?
An email address includes a username and domain name (whatever is after the @ symbol). In addition, it is common to have a generic name before the email address. Say if my email address is
You can actually break this down into 3 fields:
|Generic Name||IT Guy|
If any of the fields is suspicious, do not reply, do not click any hyperlink in the email body and do not open any attachments. Examples of suspicious senders include:
- "Apple Team" <apple13523yahoo.com>
- Anyone can create a yahoo address and assign a generic name to it, pretending to be from Apple.
- "Donald Trump" <new_usa_presidentgmail.com>
- Anyone can create a gmail address and assign a generic name to it, pretending to be Donald Trump.
- "IT Guy" <kenoutlook.com>
- Anyone can create an Outlook address and assign a generic name to it, pretending to be me.
- "IT Guy" <kenmaven-technologies.com.sg>
- This is good; Almost me but the domain is incorrect (has an extra dash). Remember to check all 3 fields!
Even if the sender is legit, if he/she is asking for something too sensitive, you should raise a red flag. It could be a sophisticated fraud and his/her email account could be compromised and hackers might be sending out emails without his/her knowledge.
Exercise your own discretion. If the sender is legit but the content feels odd, call the sender to verify.