How to spot a fake email

Every so often I get a call or an email saying "I've just had this email can I click on the link" and each time I end up repeating the same bits of advice. So how to spot the fakes.

First Rule:

If you are unsure at all don't click on any links! Better safe than sorry.

Second Rule:

Were you expecting an email from this organisation or person? From friends and family that's a difficult one to answer particularly if they're the type who forward you every 'funny' thing they see. If it's unexpected treat it as suspicious.

Third Rule:

Look at where the link is trying to send you. In Outlook hover over it with the mouse and a popup will appear; in web browsers it'll often appear at the bottom of the page. A failed delivery notice from UPS for instance is unlikely to try to send you to lkajdlfjalkldaifj.com/WErkljsadfiiD.html

Third Rule - codicil:

Just because the address contains the name of the organisation doesn't mean it's genuine. Look at the bit directly in front of the .co.uk, .com, .net suffix - that's  where you're going. There's nothing to stop me setting up a site called hb.com and then directing you to hsbc.hb.com or tesco.hb.com. You're not going to their sites you're going to my hb.com site.

Fourth Rule:

If you are unsure at all don't click on any links! Yes I know that's the first rule but it's really important. If you get an email purporting to be from your bank saying click here to access your account and you find it suspicious, don't do it. Open your browser and access your bank the way you normally do it. In fact even if you don't find it suspicious just get into the habit of accessing your bank or other sites using the browser directly.

There we go. Follow those rules and you shouldn't have any problems.

Oh and course that's not to say legitimate businesses don't cock it up too.