Avoid Identity Theft and How to Detect Phishing Emails

The term "phishing emails" might not sound familiar to you, but you or your friends might have victimized by phishing emails more than once. In this guide, I will teach you how to detect these phishing emails.

1. What is a phishing email?

Phishing email often directs users to give details at a website. Typically it will be in the form of an account update request or an account suspension warning. In these phishing emails, Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by falsely represent as a trustworthy entity in an electronic communication. eBay and PayPal are two of the most targeted companies.

For example, the phishing email can be an email alleging that there had been some suspicious activities on the victim's online account, and the only way to keep it from being suspended is to update all his or her personal information. The email typically includes a link to a web page where he or she can supposedly do the updating. Typically such web page is falsely represented to be a genuine link from eBay or PayPal. The Phishers can then use the information harvested from the phishing email to commit identity theft. Typically the phishing emails look and smell like a geniune email message from eBay or PayPal, but if you look carefully, you will see the differences. And I will teach you where to look.

2. How to Detect a Phishing Email?

If you are not sure whether or not an email is from eBay or PayPal, forward it  (with full email headers if possible) to spoof @ eBay .com. They will be able to verify the authenticity of the suspicious email.

The email headers provide much information on the origin of a message and are useful tools for tracking and stopping phishing emails. The details on how to analyze the email headers are way beyond the scope of this guide. Please contact your email service provider for details on how to obtain the email headers. Typically you can opt to show email headers from the personal preference option of your email account.

Just because an email's return address has eBay.com on it does not necessarily mean it was sent by eBay. It is extremely easy to spoof (fake) the email return address. In general, it is better not to click links to eBay or PayPal at your email account. It is recommended that you log onto eBay or PayPal to check the related emails instead.

If you really have a strong desire to click on the links in the emails, here is a quick way to distinguish emails originate from eBay or from any other site. When you point your mouse cursor at the hyperlink (i.e. the words that are underlined and in blue color) or at the "click button" (e.g. the "respond now" yellow button from an eBay email), you should see a URL begins with http://contact.eBay.ca. If you see a URL begins with something else, then you know that you are not at the sign-in page of eBay. And if that's the case, you should never enter any personal information at all and should contact eBay at spoof  @ eBay .com at once. The same concepts apply to PayPal as well. 

URL is the web address of that particular internet web page. It's very similar to mailing address of  the real world. Each URL is unique and one URL can only specify one and only one web page. You will never see two houses with the same mailing address. Similarly, you will never see two web pages having the identical URL. For example, if you use the URL http://www.eBay.ca, it will take you to eBay Canada homepage every single time. You will never be directed to eBay Australia homepage by using such URL.