This week we want to talk about avoiding phishing emails. Check your headers!
Email headers give the extra information necessary to determine if the sender is who they claim to be. This knowledge can be the fastest way to know if you should click the link they sent you, or send it to your Recycle Bin.
Information should stay consistent – if it looks like Jane.Doe@gmail.com sent the message, that should be reflected in the headers. If the headers tell a different story, it could be time to give Jane a call and make sure it was really her who sent that spreadsheet. These can be checked in various locations, depending on the email provider.
Outlook 2016 – Open the email in its own window, and select Message Options from the drop-down near the Follow-Up flags. This opens the Properties, containing the header information at the bottom.
Outlook 365 – Next the Reply button, in the drop-down menu, “View message details” will populate the header information.
Gmail – In the drop-down selection next to the Reply option, choose “Show original,” which will populate the message including full headers in a new window.
There are tools online that can be used to further analyze the data, such as the one from MXToolbox: https://mxtoolbox.com/EmailHeaders.aspx. But in general, double-checking the Sender’s address to make sure that it’s correct can be sufficient to give you the heads-up necessary to make a smart decision, in less than a minute of effort.