Clues that a website or email may hide a scam or malware

Did you know that 54.6% of the emails you receive are SPAM? According to statistics, a user receives an average of 16 malicious emails per month, which, together with the number of fake pages they link to, makes checking the email dangerous at times.

But, do you know that there are ways to detect if an email or the website that we are opening is false and potentially dangerous?

Indicators that a website or email is fake

More in the current season of Christmas shopping and promotions everywhere, phishing and spam campaigns are the order of the day and fake emails bombard us with fraudulent links. In his most recent Security Councilthe OSI (Internet Safety Office) of the INCIBE (National Institute of Cybersecurity of Spain) proposes four indicators to check if that email that we suspect or that website that is activating the inner voice of ‘don’t trust’ is more false than a Polystation console:

Due to misspellings

An official email or an official website do not have grammatical errors in their texts. They may have missed a tilde or put two letters together, but that’s usually all. Grammatical or spelling errors in the content of web pages or emails can give away the cybercriminal trying to lure us into their trap. Some examples are:

  • Poorly constructed or rushed sentences: “You are welcome to enter the contest…”
  • Strange symbols included in the text: “Click on the link included in the description…
  • semantic errors: “We appreciate your interest…”

By the Sender of the mail or the URL of the web

To try Copying an email address or mimicking a website URL to make it look like the real thing is another SPAM and phishing tactic. The sender does not correspond to the entity referred to in the body of the email. For example, if it is an official email from our bank, we expect the address to be “” and not something like “”.

On the other hand, we must check the same in the link to a web address that is not trusted, and above all that lacks what we are going to see next.

over HTTPS

The Internet works with a series of protocols that allow a secure connection between your computer and the page you visit. Without them, all communications could be exposed to a cyberattack that would steal all the data of registered users or users connected to a page.

If the website does not support HTTPS or the certificate is not trusted, it is better that we do not enter, since Google is going to qualify it as an Unsafe Website. This is especially important for sites where a payment is authorized or pages that collect our bank details, since if they do not use HTTPS we will know for sure that they are not reliable.

For being different from the usual

if they try mimic an email or web address known to us and let’s try regularly, you have to look at elements such as the absence of the usual content of the web page or suspicious changes. An email from our bank may refer to us as “Dear user” despite the fact that in the rest of the emails received they refer to us by our name and surnames, or that the graphic aspect of the web address to which they link us seems to have been done in a hurry.

Related  Mastodon: the decentralized social network as an alternative to Twitter after the purchase of Elon Musk