spam fitler Click to Share on Facebook

The Anatomy of a Phishing Email

The image below is taken from a Phishing email aimed at Natwest bank customers. The same techniques used on this fake email apply to almost all other Phishing emails...

Natwest Bank Phishing Email

Natwest Phishing Email Key 1 The "From:" Address
The "From:" address of an email can not be trusted as it is easily faked by the criminals who send out the Phishing emails. Although in this case it appears that the email has come from a @natwest.co.uk email address, this has been faked.

Natwest Phishing Email Key 2 The "To:" Address
Pay close attention to the "To:" address, often it will not be directly addressed to you. If it isn't then it may not be a legitimate message from the organisation it claims to be from. Also, if the "To:" address contains multiple addresses this is also likely to be a sign that the email is a fake.

Natwest Phishing Email Key 3 The Message "Subject:"
The subject of a Phishing email may give away some small clues to the fact that it is fake. In this case it is claiming to be from "Natwest Electronic Banking", if this were real then it would only be using the name "Natwest" and not "Electronic Banking". Phishing emails will usualy have urgent of exciting claims in the subject line, using words such as "Important Announcement". Be careful of emails like this. Also look out for spelling mistakes and typos.

Natwest Phishing Email Key 4 Company Logos
Phishing emails will almost always use the correct logo for the organisation they are trying to defraud. The logos are extremely easy for Phishers to re-use, so do not place any trust in the logo of a company within an email - it does not guarantee the message is legitimate.

Natwest Phishing Email Key 5 Who the email is addressed to
Phishing emails will usually address their emails in general terms, they won't personalise it to you. So if they are claiming to be from your bank and they have addressed the email to "Dear Customer" use caution as the email may be fake.

Natwest Phishing Email Key 6 The web link
This is probably one of the most important parts to check. Although the link may look like it is going to the correct website (www4.natwest.co.uk in this case), it may take you to fake website when you click on the link. In this case when we click on the link in this Phishing email we would be taken to a fake website at http://www9.nwolb.co.uk.sec74.net/. To be certain, never click a link within an email, simply type the address that you know is correct into your web-browser address bar.

If you do click a link from an email always double check the address you have been taken too. We will cover more detail on this in our next part (The Anatomy of a Phishing Website).

Natwest Phishing Email Key 7 The message body
Always look out for spelling mistakes or names incorrectly used. In this example they refer to Natwest online banking as "Natwest Bank Direct Banking" which the real bank would never do.

For more information on Phishing emails please select the option above, or for more details on the ClearMyMail Guaranteed Spam Blocker please select one of the options below.


Click for free trial with ClearMyMail anti spam  Click for more information on how ClearMyMail can stop all spam   Click for our spam filter price list


Share or Bookmark this page:




PC Answers Editors Choice Award 95%
PC Answers Aug, 2007



More reviews

Featured In

PC Answers PC Format Mac World VNU Net Computing Web User

Contact Clear My Mail | Clear My Mail's Privacy Policy | Terms of Use for Clear My Mail  | Clear My Mail Support

Copyright © ClearMyMail Limited, 2008  -   e-mail: support@clearmymail.com
Guaranteed 100% Successful Spam Blocker