This is a great question. It’s when someone sends you an email that is made to look legitimate. These emails can often look completely legitimate, but there are several ways you can tell they’re fake. The email you clicked on has several indicators, as shown below.
Keep these steps in mind when you’re receiving emails, specifically emails asking for account credentials or password resets. To be safe, NEVER ENTER A PASSWORD ON A LINK YOU CLICKED ON IN AN EMAIL.
CHECKING THE EMAIL ADDRESS
As you can see in this email, the sender’s address ends in “@levz.com”, which is obviously not Google. However, the address is so long that part of it is sometimes hidden from view, which can hide the fact that it’s not actually from Google.
Always check the sender’s email address.
CHECKING THE CONTENT
Check the email content. Sometimes you’ll see things that just don’t quite look right. In the email you got, there are a few signs that it may not be legitimate.
One is that the images are not displayed properly. This typically happens when Outlook doesn’t fully trust the sender. However, this is not always an indicator of a fake email.
Second, there is a formatting issue: there are two extra }} in the email after the name. Again, this is not always an indicator of a fake email, but it is a telltale sign.
LINKS IN THE EMAIL
Almost always there will be a link in the email asking you to validate your credentials, or some other sort of “call to action”. This email says that you should click here to log in and validate.
By “hovering” over the link, you can see that it goes to a fictitious web address. These links are sometimes masked quite well and will look like a legitimate web link.
Always check that a link is valid. When receiving emails like this, it’s always a good idea not to click a link in the email but to go directly to the site it claims to be from. In this case, just go to Google directly.
IF YOU CLICKED THE LINK
There will be signs that the link you clicked did not take you to the site you think you’re visiting. Many times it will go to a site that is “not secure” or to a site whose web address does not match the one you meant to visit.
You can see a few things from the link in the address bar. The first is a “Not Secure” warning, and the second is that the URL is not Google at all.
Checking for a “Secure” or “Green Lock” icon is one of the best indicators to see if you’re on a real site. It shouldn’t be the only check, though; it is typically just one indicator. Sites used for phishing rarely take the additional time necessary to “secure” their pages.
The web address in the address bar is another indicator. Always check that the address listed matches the intended location. You can see in this example that it is a series of numbers, not something you’d typically see in a link from a Google email.
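The sender, link and address checks described above can be scripted for a message that claims to come from a known domain. This is an added example, not part of the original article; the sample message (local part, body, and an IP address from the documentation range) and the function names are constructed for illustration.

```python
import email
import ipaddress
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: the local part, body and IP (RFC 5737 test range) are made up.
SAMPLE = """\
From: "Google" <no-reply-accounts-security-notification@levz.com>

<p><a href="http://192.0.2.10/login">Click here to login and validate</a></p>
"""

class LinkCollector(HTMLParser):  # collects the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def in_domain(host, expected):
    """True when host is the expected domain or one of its subdomains."""
    return host == expected or host.endswith("." + expected)

def is_ip(host):
    try:
        return ipaddress.ip_address(host) is not None
    except ValueError:
        return False

def check_email(raw, expected):
    """Return warnings for a message claiming to come from the `expected` domain."""
    msg = email.message_from_string(raw)
    # Compare the real sender domain, not the display name, with the claimed one.
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    findings = []
    if not in_domain(sender, expected):
        findings.append(f"sender domain is {sender}, not {expected}")
    links = LinkCollector()
    links.feed(msg.get_payload())
    for href in links.hrefs:  # the real target, i.e. what hovering would show
        host = urlparse(href).hostname or ""
        if not href.lower().startswith("https://"):
            findings.append(f"link is not HTTPS: {href}")
        if is_ip(host):
            findings.append(f"link host is a bare IP address: {host}")
        elif not in_domain(host, expected):
            findings.append(f"link host is {host}, not {expected}")
    return findings
```

Calling `check_email(SAMPLE, "google.com")` reports the mismatched sender domain, the non-HTTPS link and the numeric link host. A lookalike host served over HTTPS is still caught by the domain comparison, which is why the lock icon should not be the only check.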