How to ID Phishing – or Emmy Makes Fun of a Bad Phishing Attempt

Yesterday, I received this in my Gmail account:

Spam? Oh yeah!  First off, the wording “congestion in our database system”? As an IT person, I was already laughing.

While the font was good, the other warning was the four questions you are reply to. Really?

I decided to use it as an educational tool.

If you have Gmail, and you aren’t sure something you received is real, do this:

See that Reply button? Click the arrow next to it. 

Click the “Show Original” option. It is going to show you the entire message header – or all of the technical stuff needed to get email from point A to point B. Don’t be scared as it will show you why this email is not from Google.


Click it big so you can get the full effect.

For me, the first thing that jumped out was that first big red box. The ‘return path’ of that email isn’t Google!! 

It’s sukoandseunboy.com….hmm….interesting. Guess it’s a good reason not to hit reply.

And the full Received path kinda confirms that for me. Doubt Gmail is using domains ending in “.net”.

In the second square, that is what Gmail uses to try to see if it is spam. Notice their results are “neutral” meaning they went ahead and delivered it as they weren’t sure. Reporting this as phishing should help them with this in the future.

If I wasn’t sure, I would look for the X-Sender which will tell me the real “From” of the email. Notice it is the same was the return-path.  Yep, definitely spam.

I did resist the temptation to send this back to them:

But doubted they needed the encouragement.
Instead, I hit that little arrow next to the Reply button – and selected “Report Phishing”.

At least it will help Gmail’s spam filter get smarter.

5 Comments Add yours

  1. frances says:

    thanks for the tips! i totally didn’t know how to find where it was really from. you rock!

  2. Thanks for the info!
    And wow. That’s a bad one. lol.

  3. Hubman says:

    Oh cool, I never knew about that “show original” option. Thanks!

    Of course, even w/o the IT knowledge, we should ALL know that reputable companies NEVER ask for personal information via e-mail, especially financial institutions of any kind.

  4. Ms Scarlett says:

    I usually find that Gmail’s spam filtering is top-notch, but lately a few have been sneaking through… damn spammers must be changing tactics!

    Reporting them definitely helps Gmail update their filters that much faster!

    Thanks for posting this Emmy!

  5. That was a pretty pathetic phishing attempt, almost as bad as the letters from overseas offering you a million dollars.

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.