HonorSociety.org Scam Protection Tip #1: Look for the Display Name
Aug 17,2020This is from the Honor Society published book called "How to Avoid the Top E-mail Scams" by Mike Moradian, written to help protect our member and student community from common online scams. To learn more about the book or to purchase a copy, click here.
Tip #1: Look for the Display Name
One of the first things you notice about a fresh new email in your inbox is the display name. This is otherwise known as the name that appears next to the email address, often outlined in brackets. These names are then organized into a vertical top down structure that makes it easy for you to sift through emails, organize notices, and process dozens of email at a time.
The display name can be different from the email, as well as the same. Generally, if a legitimate person emails you from, let’s say, Morgan Stanley, the display name and address are going to line up. The display name would be “Morgan Stanley” and the email would probably be “[email protected].”
However, this is one of the quickest ways to know if you are dealing with a phishing artist. One company, Return Path, analyzed more than 760,000 email threats that targeted 40 of the world’s largest brands. They found that nearly 50% of the attackers spoofed the brand in the display name, which is good news for you.
Here’s where this can get tricky.
Different Display Names Can Sneak Through Malware
If you have basic malware or anything of the sorts set up on your computer, it’s going to work overtime to try and block out everything that is lacking in legitimacy. But, if a phishing artist uses an email like “[email protected]” but pairs it up with a display name that says Jim’s Scholarship Fund, then the email is going to appear legitimate and sneak through.
Why?
Because you might already have Jim’s Scholarship Fund blocked by your malware. But since the email is different from the name, it’s still going to display in your inbox, and probably look legitimate.
Don’t Trust the Display Name
It’s good practice to check every single display name that lands in your inbox. If anything remotely looks suspicious, do not open the email. If you spot any inconsistency in a display name lining up with an email address, do not open the email.
Don’t Forget This Domain Name Trick
We’re going to look at another trick that should hopefully position you strategically out of the starting gates. You don’t need to be a DNS naming structure expert to understand how to spot a phishing artist today. Remember that the last part of a domain name is always the most telling. Take this email for example: “info.alexsharp.com.” That email is the child domain of “alexsharp.com.” Since alexsharp.com appears on the right-hand side, that is how you can tell the legitimacy.
But, if you get an email like alexsharp.maliciousdomain.com, placing the domain on the left-hand side now, it is clear this email did not originate from the parent email, as outlined above.
Phishing artists constantly try this trick as a way to convince victims that a message is coming from a company like Apple, by sending related emails like “Appleinfo.contacttoday.com.” Unless the domain is direct, to the point, with the contacting agency’s name as the right-hand part of the email, that is another way to spot a fraudulent attack.
With these two tricks, it should be easier for you to spot mismatched names and domains, as well as fraudulent domains related to real, legitimate platforms.
Of course, we can’t spot everything, or necessarily tell if every email is fraudulent in this manner, which is why sometimes, you might end up clicking open the email. Fear not – these emails will require you to click on some kind of link or attachment in order for them to steal your personal information.
The interior of the email should be able to help you confirm your sneaking suspicions, which is what we’re going to look at next.
For more on how to protect yourself online, read tips from our published book below:
Intro: How to Avoid the Top E-mail Scams
Tip #1: Look for the Display Name
Tip #2: Do Not Click the Links
Tip #3: Scan for Spelling Errors
Tip #4: Look for Personal Information Requests
Tip #5: The Offer is Unrealistic
Tip #6: You Never Initiated the E-mail
Tip #7: The Email Requests You Send Money
Tip #8: The Message Contains Some Kind of Threat
Tip #9: The Email Claims to be From a Bank or Government Agency
Tip #10: Your Gut Tells You Something is Wrong
Extra Credit #1: Tips for Staying on Top of Phishers
Extra Credit #2: Knowing When It's a Real Email: 5 Tips