Rozy's
Rozy CS
Cyber ​​Surakshit Bharat: Phishing – Real and Fake Emails
Home » Awareness  »  Cyber ​​Surakshit Bharat: Phishing – Real and Fake Emails
Cyber ​​Surakshit Bharat: Phishing – Real and Fake Emails
admin
February 11, 2025
Awareness Cyber Security Cyber Surakshit Bharat IT Skills Skills Growth

How to Identify Real and Fake Emails: A Detailed Guide!

In today's digital age, cyber fraud is rapidly increasing, and email scams have become a major tool for this. Cybercriminals create fake emails and clone websites to trick people. Fake emails may look like real ones, but don't worry! With some caution, you can identify these fake emails. Let's learn how to distinguish between real and fake emails.

Check the Email Header

What is an Email Header?

An email header contains details about the sender, recipient, routing information, and other technical details. Information hidden in the email header can help you determine if an email is real or fake. You can view the email header on platforms like Yahoo, Gmail, and Outlook as follows:
• Yahoo:

   1. Open the email.
   2. Click on More Options.
   3. Select "View Raw Message".
•  Gmail :
   1. Open the email.
   2. Click on the three-dot menu.
   3. Select "Show Original".
• Outlook: Message > File > Properties > Internet headers.

➡ Caution: If Return-Path, SPF, DKIM, and DMARC entries are incorrect or any entry fails, the email might be fake.

Check the Sender's Address

Phishing emails often use names of real companies like Amazon, PayPal, or banks, but their email address is different. For example:

✅ Real: do-not-reply@amazon.in
❌ Fake: support@1.instantupdates.com

➡ Caution: Always check the sender's email address carefully before clicking on any link in a suspicious email.

Example: Real vs. Fake Amazon Email(Case Study: Amazon Email)

Let's compare two emails in right hand side image – a fake (phishing) email and a real email: 

 🔴 Fake Email (Phishing Email) - [Red and Yellow Marks]
     o  Sender's Address: "app@app1.instantupdates4u.com" 
        This is not Amazon's official email address.
     o	Attractive Subject Line: "Weekend vibe deals | 
        Up to 70% off Electronics, Fashion, Home appliances"
        To make people open and click quickly.
     o	Phishing Attempt: Clicking on the link in this email 
        may take you to a fake website where your personal 
        information can be stolen.
✅ Real Email (Amazon Email) - [Green and Yellow Marks]
     o	Sender's Address: "do-not-reply@amazon.in" 
        This matches Amazon's official domain.
     o	Correct Branding: "Amazon.in" is properly written, 
        and it looks like Amazon's promotional or 
        transactional email.
     o	No Suspicious Links: The real email only takes you 
        to the official website.

📌 Main Difference:  The sender's address in a fake email will be 
            slightly different from the real brand, but it's designed to look 
            like a real email.

How to Identify Fake Websites and URLs?

Phishing emails often try to lead you to a fake website. The URL of these websites looks similar to the real one: 

✅ Real: https://www.amazon.in
❌ Fake: https://amazon-offers.in
➡ Caution:
   1. Hover over any link before clicking to see the actual URL.
   2. If the URL has spelling mistakes or extra words, it might 
      be fake.
   3. Having HTTPS does not guarantee safety. Nowadays, 
      cybercriminals can also buy SSL certificates.

Real vs. Fake D-Mart Website
Phishing is not limited to emails. Criminals create exact copies of real websites to steal your login information. Here is an example comparing a real and a fake D-Mart website.

🔴 Fake Website (Red Marks in the Upper Image)
   o  Minor URL Change: "d-mart.co.in/shop/d-mart" 
       is different from the real website "dmart.in".
   o  Suspicious Offer:  Offering a discount from ₹699 to ₹499 
       To make you click quickly by showing big discounts. 
       Carefully check the image and offer; both do not match. 
       The image says 1 liter mustard oil and the offer says 
       5 liters of mustard oil. The actual offer of ₹699 cannot 
       be real, as the actual price of 20 kg Aashirvaad Atta will 
       be at least ₹900. 1 kg besan + 5 kg sugar + 5 liters 
       mustard oil is different.
    o  Minor Branding Change: The logo and design look like the 
       real one, but it's a fraud.
✅ Real Website ([Green Marks in the Lower Image])
    o  Correct Domain: "dmart.in" is the official URL of 
       the real website.
    o  Authentic Design and Options: The real website is 
       user-friendly and works without any suspicious pop-ups or 
       tempting offers.
 📌 Main Difference:  The URL of a fake website is slightly altered, 
              but it can be identified by being cautious.

Avoid Attractive Offers and Scary Messages

Fake emails often contain very attractive offers or scary messages.

 For example:❌ Fake:
    • "Congratulations! You have won a ₹10,000 gift card. 
       Click now to claim your prize!"
    • "Your bank account has been blocked! Log in immediately 
       and update your information."

➡ Caution:
   1.  Do not click on any link in an unknown email.
  2.  If an offer seems too good to be true, it probably is not real.
  3.  Banks/companies will never ask for password or personal info.

Safety Tips to Avoid Fake Emails and Websites (Best Practices)

✔ Enable Two-Factor Authentication (2FA).
✔ Do not click on any link in suspicious emails.
✔ Always type the website directly in your browser to log in.
✔ Pay attention to odd spelling and grammar mistakes.
✔ Verify the email with your bank or the company's official website.
✔ Report suspicious emails as spam.

Additional Safety Tips:
Ensure Safe Browsing: Always keep your browser updated and Install antivirus and anti-malware software and scan regularly.
Cyber Security Education: Take online courses on cyber security and educate your employees or family members about it.
Report Suspicious Activities: If you encounter any suspicious email or website, report it to the relevant company or cyber crime department.

Phishing emails and fake websites may look very real, but you can avoid cyber fraud by being cautious. Always check the sender's address and URL, and do not click on unknown links. Prioritize your cyber security and stay safe from cyber fraud.

🔹 Have you ever received such an email? Share your experience with us in the comments on our YouTube channel Phishing Shorts!🔹

🚨 Stay Alert, Stay Safe! 🛡️ 🛡️

Awareness and Participation

This blog has provided valuable information about cybersecurity, but it is equally important to recognize your responsibility. Stay vigilant to protect yourself, your family, friends, and your social circle from cyberattacks and cybercrimes. Share this blog with your friends, family, and community to spread awareness. Regularly update yourself on cybersecurity information and make others aware of it. Let’s work together to create a secure digital India.

Call to Action:

  • Subscribe to our blog for the latest updates on cybersecurity.

  • Join our cybersecurity awareness sessions/workshops to learn how to protect yourself.

  • Call us to conduct cybersecurity sessions/workshops.

  • Follow us on Facebook and LinkedIn for daily cybersecurity tips.

Contributors:

Authors: Gagan Deep & Saminder Kaur

🔖Tags: Cyber Awareness Cyber Resilience Cyber Surakshit Bharat Cyber Threats Cybercrime Prevention Cybersecurity Cybersecurity Awareness Cybersecurity Campaigns Cybersecurity Education Cybersecurity in India Cybersecurity Initiatives Cybersecurity Tips Cybersecurity Workshops Data Protection Digital Fraud Protection Digital Safety Internet Safety Mann Ki Baat Narender Modi National Cybersecurity Policy Online Fraud Prevention Online Security Prime Minister
Share on Facebook
Share on Twitter
Share on linkedin