One thing people still fall for all of the time are email scams from spammers, adware companies and people who want to hack your computers. Just like in the example below where I got a scam email from someone pretending to be US Airways sending me a confirmation email (oddly enough I just booked a flight the day before), the email looks real, but when you examine it closer, it is 100% fake and will probably cause real damage to your computer. Here are some ways to tell if the email is a scam.
(Click on the images you can make them bigger then use the back button on your browser to come back to the post.)
Example 1. (I tried to paste the pieces together from screen shots of the entire email so it may not be aligned properly.)
Example 2. (The header of the email.)
How to tell if an email is real or spam
1. If we look at the first image, I did just book a flight the day before so my first reaction is they mixed up my flights with someone else. It instantly caused me to want to click through and call customer service to see if my flights were ok and let them know they accidentally sent me the wrong itinerary and that I have someone else’s travel plans and flights. I looked and they sent to the correct email addresses and even included the correct email address in the body of the email so it appears to be an actual mistake instead of spam. That’s when I did my first check. I right clicked on the images to see if they could download. They can’t. This is my first sign there is an issue and that this email might be spam. It is made to look like an email but has no actual html copy or design. Even if I could download the images, I wouldn’t because this could be the first step in causing harm to my computer. Instead I would check off that you can download the images. (If I did download the images, I would right click on one of them to view where it is located and if the url isn’t a US Airways server or url, then it is probably fake. I’ll show you why later on in this post.)
2. The next thing I did to help figure out if this is a real or a fake email is look at the bottom and hover over the manage your reservation link where many people would click, especially if there were images and it would look like a real US Airways email. By hovering over you’ll notice that the link actually goes to a Russian website instead of a US Airways website. This is a huge indicator that it isn’t a real email and this is one of the easiest ways to tell if an email is real or fake. If you go to the base url, it has nothing to do with US Airways or even travel. (Second, why would US Airways be using Russian .ru urls anyways? They are an American company. (You may want to be cautious going to it because it could potentially harm your computer if you interact with it in any way.) You’ll also see that the url is longer than ending in just .ru. This full url will probably cause a redirect or put me on a landing page that can potentially do multiple things.
- Infect my computer with adware which could possibly be bundled with coupon site’s toolbars, pop ups and a ton of ad network’s applications. One thing everyone needs to know is that a user or a user who doesn’t know they have Coupon Affiliate’s adware on their computer, never has to visit a coupon site to get it. They can get hidden adware that sets cookies through downloads, packages, games, etc… or the browser extensions we all know and can download from their sites from things like this as well.
- Infect my computer with a virus.
- Infect my computer with spyware that can gather passwords, store credit card information and or other personal information.
3. The next thing I noticed is that in the grid about the seat assignments. Some of the items are lined up perfectly and others are completely out of place, however the grid is able to fit them in the wrong sections. This could technically be from not downloading the images, but at the same time, it causes a red flag for me. Since I cannot download the images so it formats like we saw before, this is a definite red flag in helping me tell if the email is spam or not.
4. I’m extremely nosey so I wanted to see their actual flight path. It was US Airways flight 5552 if you look at the email above. Unfortunately for the spammers, this is the actual path of US Airways Flight 5552. It isn’t either of the two cities and isn’t actually even a US flight. That is a huge sign that this is a spam email and not a real one from US Airways.
5. If you notice the section in the second image, you’ll see that the itinerary says Philadelphia and then gives the airport code once. For Chicago, they say the city name, then the airport name and then the airport code. Although Chicago has two major airports, this isn’t consistent with their Philadelphia formatting (even though Philadelphia only has one airport), so it became another red flag for me to not click on anything.
After reviewing this email it became clear that this email was not sent on behalf of or from US Airways and it was a spammer trying to get something off of my computer. Luckily I didn’t click on anything, download anything and was able to tell if the email was real or fake. Because I determined it was fake I would normally delete it, but I am sure a ton of other people are getting these same types of emails from companies they think are real so I wanted to do a quick post for them. If you get one of these fake US Airways flight itinerary spam emails, especially after you book a flight, don’t click on anything and don’t download any images. If you actually think that they sent you someone else’s itinerary, go directly to their website and contact support. Those are 5 ways that I use when I am trying to figure out how to tell if an email is real or a scam.
1 thought on “How to tell if an email is real, a scam & a US Airways Confirmation Email Scam Example”
I use “View Message Source” to check URLs and such. That option is available on any email client (like Outlook, MacMail or ThunderBird) I have used but may not be available for online clients like yahoo mail or hotmail. I don’t use those so I may be wrong. Most any email client online or desktop will let you view the headers and that often saves the time of viewing the source.
I report phishing emails like this to the party that is being imitated, often they have a department to deal with abuse and can try to prevent the same problem for others.