How to tell if an email is a scam or phishing

Posted on

I often get emails from clients asking me about the legitimacy of messages they get, and here are a couple of common ones that I wanted to bring to your attention:

1) Fake Domain Expirations:

A common scam is from companies warning you that your domain is about to expire, and trying to get you to renew it through them. The problem is since they are spammers and not your actual registrar, this involves you transferring it to them! Following through with this sometimes means accidentally changing registrars, but it could also result in you losing ownership of your own domain! Below is a sample of one of these emails that one of my clients got.


A few things to notice on here which are common to nearly all spam/scam emails:
First look at the “from” address as well as the URL of the link they want you to click. they are bizarre and unprofessional, with strange domains (instead of something you’d expect like or

Second, they don’t even match (the email is from a totally different domain than the URL to click).
Sometimes the URL that is shown in the text is actually different than the URL you will be taken to when you click.

The only time you should respond to one of these is if it is from your own domain registrar. Make a point to know who your domain registrar is. (not sure? Ask me.)

2) Phishing emails

These are sometimes harder to detect (if they are done well) but here is what to look for… On the screenshot below, it all looks legitimate, claiming to be from (a credit card gateway), but in fact this is a very nasty phishing attempt. The way you can tell is by hovering over (hover only, do NOT click!) the URL that they want you to click on. When you do that and look down at the very bottom of the window, depending on what email client you are using, you should see a little box that shows you the URL that the text is actually linking to. See screenshot below, when you hover over the URL, notice the destination is different! This is the first and primary sign of danger!


Another telltale sign is that they often contain misspellings and punctuation errors. See above where it says “we couldn’t fine your account information” as well as the messed up punctuation after the words “48 hour” (in fact this whole sentence is just a debacle!)

A dose of common sense sometimes helps here, too. You will generally NEVER get an email from any legitimate website asking you to log in. The only time you should respond to these are when you have just signed up for a new account and you have to verify the email address. In this case, you are probably looking for the email, so you can assume it’s legit. But when it shows up out of the blue, beware!

Posted in Wordpress Tips, Tricks and Reusable Bits of Code.