Welcome to the third part of our Email Safety series. We’ve already covered the goals of phishing scams and how to identify the sender in parts one and two. Identifying the sender is not enough to confirm that the email is safe. Maybe the email address is spoofed. Or maybe the sender, who may be a trusted contact, was hacked and a scammer has control of their account. It’s time to look at another aspect of email: expected and unexpected.

Expected vs. Unexpected

When you receive an e-mail that requires an action (opening an attachment, clicking a link/button, calling a phone number, making a purchase, or replying with information), ask yourself whether it was expected or not. So, what do we mean by expected?

Expected e-mails follow a narrow definition: A recent action (outside of e-mail) caused an e-mail to be sent.

• You place an online order and then you receive an email confirmation regarding your purchase.
• After your morning meeting, meeting minutes arrive from the regular notetaker.
• A subscription newsletter appears at the same day and time, in its standard content and format.

Expected e-mails are LOW risk, and it is generally safe to proceed.

By contrast, an unexpected email is something that takes you by surprise. These are examples of UNEXPECTED e-mails.

• Days after ordering something online, an e-mail arrives and states shipping has been delayed.
• A friend who occasionally shares video links (at random times) sent one today.
• An e-mail from your bank indicates potentially fraudulent activity involving your account.
• A co-worker requests information that he has not requested in the past.

Unexpected e-mails, particularly when the content seems unusual for the sender or involve sensitive information, are HIGH risk. Notice that even though some examples above are related to past legitimate actions, they still bear some risk because they are unexpected and could be phishing scams.

Interactions with high risk email communications can lead to the theft of your personal information, infection of your computer or other device, or financial loss. Unexpected e-mails should trigger a “pause and inspect” (rather than a “click and continue”) reaction, which is why it’s important to define “expected” in precise terms.

When It’s Unexpected

When you start thinking in terms of expected versus unexpected, even e-mail from a familiar sender will elicit the “pause and inspect” reaction when it’s unexpected. This is a good thing – it’s another step along the way to becoming a discerning user of online communications. When an email is unexpected, it’s time to ask yourself: what do they want from me? More on that next week!