Anyone Getting "Realistic" Fake Emails?

  • Thread starter Thread starter kyphysics
  • Start date Start date
Click For Summary

Discussion Overview

The discussion revolves around the prevalence and characteristics of "realistic" fake emails, often referred to as phishing or spear phishing attempts. Participants share personal experiences with suspicious emails that appear legitimate but contain oddities that raise red flags. The conversation touches on the tactics used by scammers, the importance of email security practices, and how to identify potentially harmful messages.

Discussion Character

  • Exploratory
  • Debate/contested
  • Technical explanation
  • Conceptual clarification

Main Points Raised

  • Some participants describe receiving emails that seem legitimate but contain suspicious elements, leading them to avoid opening them.
  • Others suggest that scammers often target individuals indiscriminately, using generic tactics to reach a wide audience.
  • Several participants emphasize the importance of checking the personalization of emails and the actual sender's address to identify potential scams.
  • There are discussions about the best practices for email security, including avoiding clickable links and checking message headers for authenticity.
  • Some participants mention specific examples of phishing attempts, including emails that reference personal information or recent transactions to appear credible.
  • Concerns are raised about the sophistication of phishing attempts, with some participants arguing that many emails lack specific details, while others believe more advanced tactics are used.
  • Participants discuss the ease with which email addresses can be faked, suggesting that relying solely on the sender's address is insufficient for determining legitimacy.
  • One participant shares a method of disconnecting from the internet before opening emails to prevent scammers from tracking interactions.
  • A question is posed about how to view the sender's email address without opening the email, indicating a need for clarification on email client functionalities.

Areas of Agreement / Disagreement

Participants generally agree on the existence of realistic fake emails and the need for vigilance. However, there are multiple competing views regarding the sophistication of these attempts and the effectiveness of various identification strategies. The discussion remains unresolved regarding the best methods for protecting oneself from such emails.

Contextual Notes

Participants express uncertainty about the effectiveness of certain email security practices and the technical knowledge required to analyze message headers. There is also a recognition that the tactics used by scammers may evolve over time, complicating the identification of phishing attempts.

  • #61
Some suspicious links will display one site but link to a completely different site.

in some cases, you can hover over the link to see the actual URL.

Here’s a suspicious link for yahoo.net that goes to a competitor.

Yahoo.net
 
  • Wow
Likes   Reactions: kyphysics
Computer science news on Phys.org
  • #62
jedishrfu said:
Some suspicious links will display one site but link to a completely different site.

in some cases, you can hover over the link to see the actual URL.

Here’s a suspicious link for yahoo.net that goes to a competitor.

Yahoo.net
That's absolutely nuts!

How did you do that?

Also, to be clear, that is an URL. So, that sucks you can fake that, but could a person fake a "sending email" in the same way? If so, they're wouldn't that mean everyone is susceptible to this?
 
  • #63
kyphysics said:
Also, to be clear, that is an URL. So, that sucks you can fake that, but could a person fake a "sending email" in the same way? If so, they're wouldn't that mean everyone is susceptible to this?

Yes it sucks, but it has been that way since the dawn of the Internet.

Being safe on the Internet, means following safe practices, not examining the appearance of URLs emails or other addresses. You must assume that anything can be faked.

Here are two links to sources explaining some safe practices.

https://arstechnica.com/information-technology/2021/10/securing-your-digital-life-part-2/

https://www.odni.gov/files/NCSC/documents/campaign/DoD_IAPM_Guide_March_2021.pdf
 
  • #64
pbuk said:
Well Yahoo do own the 2nd level domain yahoo.net, although the sports.comms.yahoo.net domain as well as comms.yahoo.net is controlled by a marketing company Lion Re:sources, part of the Publicis Groupe. However because of the point below you cannot rely on the email actually coming from them.

Yes. Depending on your email client and spam settings and any anti-malware plugins you are using such a faked address may or may not be marked as spam.
Thanks for the response, pbuk.

So, here's sort of the same question I asked in the post above. IF an evil sender wanted to fake the sending email address (to be one that I would recognize and think was from a trusted source), then how could any human being every trust anyone sending anything to them by email?

If someone figured out my mom, sister, or brother's emails, for example, and then sent me a realistic looking titled email from them (faking their email address, I mean), then it'd be hard for me to not click on it (short of literally calling them by phone to ask if they sent it...but that seems cumbersome to do every time), right?
The "hover over" method used for fake links in jedishrfu seems like it wouldn't work for faked sending emails, no? If I hover over the sender in my email inbox, I can see the email address an email is coming from. But, if it's faked, is it the case that there is no way to tell? Or, is it that once I open the actual email, then perhaps I can hover (within the email) over the sender's address and it would show a different/fake address then?
 
  • #65
kyphysics said:
how could any human being every trust anyone sending anything to them by email?
Through context. If you know that it's your friend's birthday next week then shouldn't come as a surprise if they send you an invitation to a party with a link to click on. If you get an email apparently from your elderly aunt saying "Wassup matey, check out theese kewl new trainers" then you can bet it is fake.

kyphysics said:
If someone figured out my mom, sister, or brother's emails, for example, and then sent me a realistic looking titled email from them (faking their email address, I mean), then it'd be hard for me to not click on it (short of literally calling them by phone to ask if they sent it...but that seems cumbersome to do every time), right?
Use your common sense: in most cases (but importantly, not all cases) fakes are easy to spot from the context.

kyphysics said:
Or, is it that once I open the actual email, then perhaps I can hover (within the email) over the sender's address and it would show a different/fake address then?
No, you have to inspect the headers of the email and then look up the servers in the chain. If you have a decent email provider they should do this for you and treat the email as spam (which may mean adding a prefix to the title, delivering it to a spam mailbox or just deleting it). If you have an anti-malware plugin in your email client this may provide extra protection.
 
  • Like
Likes   Reactions: kyphysics
  • #66
I’ve seen some stuff where even the hover over a link failed to show the true url link as it as overwritten on the status bar by JavaScript on the webpage or email.
 
  • Like
Likes   Reactions: kyphysics
  • #67
kyphysics said:
Here is another email I accidentally clicked on today (I wanted to select the box to try to delete it, but my mouse accidentally clicked on it to open):
yahoo@sports.comms.yahoo.net

Two questions:
1.) Would I be correct to assume it is legitimate, because of the "yahoo.net" ending? For reference, I play fantasy sports, so this was an email advertising some fantasy sports stuff on Yahoo. But even without that background, is the logic that if it's a "yahoo.net" ending, then it's ALWAYS legitimate (no matter what comes before that part of the address)?

2.) My second question is whether someone can send you an email with a "fake legitimate email" as the sender's email? Let's say abcxyz@yahoo.net is legitimate email address from Yahoo! But, suppose a scammer wants to send me some type of malware through email. Can that evil person use abcxyz@yahoo.net as his sending email address (even if he's not really sending it from that address)? Can some, in other words, fake the sending email address (of a legitimate one)?

The explanation I gave is for web links themselves. An e-mail can be made to appear to come from any address very easily. Also there are normally two parts to links, the part which is displayed and the actual URL you will be redirected to. If you hover your mouse over the web link it should tell you where the link is really pointing to, if it's pointing somewhere different to the one shown then don't click on it as it is likely spam again.
 
  • Like
Likes   Reactions: kyphysics
  • #68
MikeeMiracle said:
If you hover your mouse over the web link it should tell you where the link is really pointing to
Caution: this is only true in your email client* (or other environment where JavaScript is disabled). In a web page displayed in a normal browser, JavaScript can make the link do anything.

To see this in action create the following file on your desktop and open it (you have to include the code in the image below as well):
[CODE lang="html" title="fooled-you.html"]<a href="https://microsoft.com">https://apple.com/</a>
[/CODE]
1636371991529.png

The link says Apple, shows Microsoft when you hover over it and takes you to Ubuntu when you click on it!

Note that this behaviour is typical of malicious web sites so never post this code or anything like it on the internet where it could be displayed by a browser (e.g. CodePen or a GitHub gist) or you risk your account being suspended.

* email clients include reputable web apps such as Gmail, Outlook.com etc.
 
Last edited:
  • Like
  • Informative
Likes   Reactions: kyphysics and MikeeMiracle

Similar threads

Possible to Get Malware by Just Opening an Email?
  • · Replies 32 ·
2
Replies
32
Views
7K
How to get Hackathon sponsors?
  • · Replies 21 ·
Replies
21
Views
2K
Asked to Verify email when Unsubscribing from unsolicited e-mails
  • · Replies 12 ·
Replies
12
Views
4K
How do spammers get our names and our email IDs of "me and my friend"?
  • · Replies 21 ·
Replies
21
Views
5K
Cybersecurity: Links to Malware sites in QR
  • · Replies 1 ·
Replies
1
Views
1K
I Just Forgot my Email Password that I Created/Changed Today
  • · Replies 37 ·
2
Replies
37
Views
4K
Why iPad opens Gmail into emails?
  • · Replies 9 ·
Replies
9
Views
2K
Anyone know how to filter out conversations in gmail?
  • · Replies 6 ·
Replies
6
Views
2K
Alternative Email Services to Gmail
  • · Replies 5 ·
Replies
5
Views
2K
Why do emails from my contact form bounce?
  • · Replies 10 ·
Replies
10
Views
3K