Is It Real or Is It Spam?

Updated: April 30, 2009

Most businesses rely on spam filters to determine the legitimacy of incoming email. Yet filtering technology remains far from perfect, and a good deal of junk email still winds up in users' inboxes. This fact makes it important to be able to visually spot the differences between real email and the digital rubbish spammers generate. Being able to quickly tell the difference between real email and spam will help you save time, unclog your inbox and pay closer attention to the messages that you really want to read.

Finding the Differences

When it comes to spotting spam, here's what to look for:

Step One: Your first action when examining an email should be to check its subject line . Spammers try their best to make their emails look legitimate, yet an email's heading often betrays its true motive. Come-ons for things like herbal medicines and home-equity loans are usually quite easy to spot, since they often have hyperbolic headings like "Incredible Bargain," "Special Report," or "Limited Offer." Phishing messages can usually be identified by headings such as "Immediate Action Required" or "Verify Your Account." All of these emails can be erased with no regret.

Cryptic subject lines, such as "Frank told me to write you" or "Important business question," are more difficult to interpret and will require you to investigate the message more fully. Any messages without a heading should also be checked out more thoroughly, since it may be either spam or a genuinely important letter that was sent in haste.

Step Two: An email's "from" line can provide significant clues about a message's worthiness. You already know the names of people you regularly correspond with, so it's easy to spot messages from these individuals. On the other hand, emails with a from line that contains only a company name are almost always spam or phishing lures. To research any message's legitimacy, check out the email's return path to verify that it leads back to the person or organization that it purports to come from.

The trickiest emails to decipher are the ones sent by total strangers, who may be spammers or individuals posing a genuine business question or offer. The only method of determining the legitimacy of these messages is to investigate still further.

Step Three: The dates can sometimes provide a clue to an email's value, and take less than a second to check. If a message with a far past or future date suddenly arrives, it's more than likely from a spammer seeking attention.

Step Four: If you're still not sure about a particular message's authenticity, examine its content. If an email addresses you as a "friend," "valued customer," or "colleague," you can be sure that its sender doesn't know your name.

Poor grammar, bad spelling and awkward, non-native use of English are other signs that should arouse your attention. Also look for Web links that lead to suspicious sites (such as a message from someone supposedly at Acme Co. that contains a link leading to a non-Acme Co. site). Con artists also often use URLs that resemble the name of a well-known company but are slightly altered by adding, omitting or transposing letters.

Step Five: Never open an attachment unless you know who sent it, or at least understand why it was sent to you.

The Bottom Line: Knowing how to tell the difference between real email and spam will help you save time and potentially spare you from financial, professional and emotional loss.

Related Categories
Featured Research
  • Securing Enterprise Information Technology

    In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more

  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more

  • Top 8 Identity and Access Management Challenges with Your SaaS Applications

    With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more

  • Better BYOD with Pulse Secure and MDM Partners

    Learn how Pulse Secure and leading MDM product partners are transforming the way employees and IT benefit from the productivity and flexibility of BYOD — without compromising security or increasing management complexity. more