Using email safely

 In Security

How hard do you think about an email before you open it? If you are like most people, probably not at all.

We use email so frequently that we have become indifferent to the dangers that may be waiting in our inbox. Those dangers come from the daily influx of spam emails that are doing everything from trying to steal private information to installing malicious software on your computer.

Almost daily, we have clients contacting us to verify if an email they have received is legitimate or not. In this article I will go through some simple things you can check to protect yourself.

Check the sender

The first thing to check is the sender email address.

Does the sender address match who they say the email is coming from? Most of the time, the email address won’t match and this is a dead giveaway that the email is not legitimate. The image below is an example of this.

Occasionally, the email address will match. This is called spoofing, where the sender’s address and other parts of the email header are altered to appear as though the email originated from a different source. It is a common method used by attackers to gain the trust of the target and increase the likelihood of a successful attack.

Spoofing is becoming less common now as anti-spam systems get better at detecting these.

Spoof email address

The email address and sender’s name do not match

Check the links

The second, more important thing to check is links.

Most of the time, the email will be prompting you to click on a link. Hover your mouse over the link – don’t click on it! – and it will show you the actual address. Often the link will be written to look legitimate but, upon closer inspection, the actual link address will be completely different and will not be related in any way to the sender’s apparent organisation (see image below).

Email with a dodgy link

The link address for the invoice portal is completely different to the sender’s company

Lastly, never ever open a link that has been embedded in word or PDF document (or anything else for that matter) without doing the hover test.

Be wary of attachments

Email attachments are often used to harbour viruses or dodgy links.

While all attachments can harbour threats, PDFs are generally the most commonly used. Office files such as Word, Excel and PowerPoint can harbour macros that download viruses to your computer, so ensure you have your security settings for all Office apps enabled to protect against this. Be extremely cautious opening Zip files, too.

And remember, if you have trouble opening an attachment then odds are that it is malicious and should be deleted.

A good rule of thumb

Use common sense when accessing an email. Are you expecting this email? Does the email formatting, language and grammar look how you would expect? If you are still unsure then get a second opinion or ask an IT professional to take a look.


  1. Check the sender
  2. Check the links
  3. Be wary of attachments.

Following these simple checks will help to keep you safe when using email. Spending a few minutes to go over the email is a small inconvenience compared to the possible downtime from a virus infection or loss of private information. At Proactive IT we are always here for our clients; so if you are ever in doubt over an email, forward it to us and we will verify it for you!

Recommended Posts
Password 1234wi-fi logo on a dark sky background