The Problem

To our own detriment, dissecting email addresses is not often part of our technology education. Technology usage, and email in particular, is so pervasive that you can get started without knowing what comprises an email address. Unfortunately, cyber criminals exploit this lack of knowledge in order to phish the masses. Remember, email phishing involves the impersonation of a trusted person or brand via email in order to dupe the target into giving up private information or downloading malware that provides access to the computer.

Why are email addresses not well explained? Well, it’s not necessary to use or receive email. If a mailbox is set up on your tablet or laptop, and all you have to do is click the icon to get your mail, you probably don’t type your email address often. Only occasionally, perhaps when you sign up for a newsletter or access to a new site, do you need to provide it. And then you may do so by copy & paste.

The details can also get kind of technical: this-is-an-email@something.com. Email addresses have an @ symbol with something before and after the @. That’s as far as most people get with it.

When a scam artist decides to emulate one of your favorite brands, he may craft an email address that looks like “joe-amazon.com@myscamsite.biz.” If you don’t know much about email addresses, this looks pretty good. After all, amazon.com is in the address, therefore it must be legit, right? And that’s when you let your guard down and open up the attached receipt. Now you’ve been duped into installing malware from Joe-Scammer. Not good.

Here’s what you need to know about email addresses.

joe-amazon.com is the mailbox that resides at myscamsite.biz, the web property. The person who controls the web property (also known as a domain) controls the mailbox.

Again, that’s mailbox @ internet property. The most important part of any email address is the internet property because it’s simple to call the mailbox anything you want. Let me put it like this:

Suppose I have a mailing address:

Michelle W.
1234 S. Main St
Somewhereville, FL 31500

When I send a letter, I can technically write WHATEVER I WANT on the first line. I could write:

SANTA CLAUSE
1234 S. Main St
Somewhereville, FL 31500

I’m definitely not Santa Clause, but you don’t know that (wink wink).

That’s why it’s important to pay attention to what comes after the @. Pay attention to the internet property, the domain. This will be a great clue about whether an email can be trusted.

Let’s look at a couple more examples.

mary@gmail.com is different than mary@yahoo.com. These are distinctly different because the internet property (domain) is different.  Can you pick them out?

The first one is gmail.com and the second one is yahoo.com. You want to be sure that the domains are trustworthy. Are they familiar websites?

Joe-Scammer realizes that you are not falling for his @myscamsite.biz anymore. Now he’s got a new internet property and a new mailbox: support@www-amazon-com.biz. What’s the internet property here? Everything after the @ symbol: www-amazon-com.biz. This is not amazon.com.

What to Do Now

If you can’t recite your email address(es) off the top of your head, now is a great time to learn.

Second, begin paying attention to the From line in your emails. What appears there? Is it just a name? If so, click or hover on the name to reveal the address. Get familiar with what comes into your inbox, so that the next time it’s something fishy, you’ll know not to trust it.

When you are faced with an untrustworthy email, don’t reply, click on links, call phone numbers, or download/view attachments!