Bookmark and Share



When checking my email, I always seem to discover a new “spoof” email mixed in with the others. A spoof email disguises the name of the real sender in order to make the communication appear legitimate, as if it’s from a company you’re doing business with or a person you know. Typically, a spoof email is used as part of a “phishing” scheme, which is designed to lure you into providing personal information or paying for a fictitious service.

Here’s an example of a spoof email that I received a few weeks ago, supposedly from the Geek Squad, that reminded me to renew my annual maintenance agreement. This immediately set off my spoof alarm because I don’t have a Geek Squad maintenance agreement. In fact, I’ve never had a Geek Squad account!

The email looked very official: It included the Geek Squad logo and conveniently provided my (fictitious) 11-digit customer ID (and it’s rather telling that they knew my ID but apparently not my name, because the email greeted me with “Dear Customer”). The scammer was obviously hoping I’d click on the “renewal” link and input my credit card number to pay the $299.99 fee.

Although I easily dodged that scam, I almost fell for a fake Comcast email. It alerted me that I had only one day left to update my account before it rolled out a new email interface. Oh no! If I didn’t act immediately, I might lose access to my email. That was exactly the type of click-now-think-later reaction the scammer was hoping to evoke. Fortunately, I came to my senses and didn’t click the “update” link, which probably would have solicited an array of personal information or even worse, installed malware on my system.

In both instances, I was able to see who the real senders were by hovering my cursor over the senders’ names. Depending on how you read your email (email account website, mobile device mail app, etc.) you may have to experiment by tapping, clicking or hovering over the sender’s name to expose the real, underlying email address.

On an iPhone, for example, several steps are required to reveal the sender’s actual address. The image on the left shows how the email header appeared when I first opened the fictitious Geek Squad email. By tapping on the Geek Squad name and then the small arrow ( > ), the sender’s actual email address is exposed, as shown in the screen shot on the right.

If I am viewing an email on the Comcast website ( or the Gmail website (, I can reveal the underlying email address simply by hovering over the sender’s name in the email listing: Note that the actual sender of the Comcast email is As with the Geek Squad email, this type of email address indicates it’s probably a spoof. Why? Large companies simply don’t conduct business using email accounts such as,,, etc. Rather, they have their own email domains, indicated by the use of a corporate name after the @ sign in the email address. For example, I recently received a legitimate Comcast notification originating from this email address:

Also, companies don’t use an individual employee’s email address when sending alerts or service announcements to maybe hundreds of thousands of customers. If they did, employees like Leonard Oakes would probably quit, overwhelmed by the task of responding to thousands of customer inquiries.

Another spoof indicator may be the way the company’s logo or name is displayed. Take a second look at the screenshot of the Geek Squad email. Notice that the “S” in Squad is lower case (it should read Geek Squad, not Geek squad). A real Geek Squad email would not include a typo in its own name. And now for a bonus point: Did you notice the spelling of “COM-CAST” in the second screenshot?

Once you assume the role of spoof detective, you’ll be surprised how many clues you can catch. And sometimes there is no single clue that tips you off. Rather, you have to consider the combination of clues to assess the email’s validity.

So stay alert and don’t get trapped by a spoof email. Most important, never, ever click on a link in an email that is supposedly sent to you from a bank or other financial institution. Instead, go to the company’s website, log in to your account, and look for a link labeled “Inbox” or “Messages” (or similar term) allowing you to read any message that the company may have sent you.

For more information about email safety, visit the FBI’s webpage: Have a tech question or want to see an archive of previous Tech Tips columns? Go to the Computer Club website and click on the LINKS menu choice at the top right of the page.

Bookmark and Share