Loading...

Knowledge Base
Home 
 
/
 How To Identify Dangerous Emails
Categories: EmailsSecurity

How To Identify Dangerous Emails

Email is still the most common channel used for online scams. These scams come in many forms, including spam, phishing attempts, spoofed messages, and emails that carry malware.

Their goal is often to steal personal information, compromise your device, or trick you into sending money. Learning how to recognize these threats is essential to keeping your email account and personal information secure.

IMPORTANT

If you receive a suspicious email:

  • Do not click any links or open attachments 
  • Do not respond to the email
  • If it uses our company name, report it to https://newfold.com/abuse

If you accidentally clicked a link:

  • Close the page immediately
  • Reset passwords for all connected services (email and Account Manager)
  • Scan all devices and networks for viruses or malware

 

Our team actively monitors spam, phishing attempts, and malware campaigns, while also updating blocklists and filtering known threats. However, recognizing these messages yourself adds an essential layer of protection.

Here are the most common types of malicious emails and how to handle them.

 

Spam Emails

Spam is an unwanted email that:

  • Is sent in bulk
  • Is unsolicited and irrelevant
  • Usually tries to sell you something

Most spam emails are filtered in your Spam or Junk folder, but some may still reach your inbox. You can easily identify a spam message by checking the subject line and content.

While spam emails are usually harmless, they may include links to malicious websites or infected attachments. Always be cautious in opening emails—especially those that appear to be spam.

 

What To Do If You Receive Spam Emails

If spam emails repeatedly appear in your mailbox:

  1. Add the sender's email address to your blacklist
  2. Delete the email

Avoid engaging with spam, as replying can confirm that your address is active.

 

Phishing Emails

Phishing emails are fraudulent messages that attempt to:

  • Collect personal data, like usernames, passwords, credit card numbers, home addresses, etc.
  • Gain access to email, banking, or service accounts for fraudulent purposes

These emails often include links that lead to fake login pages designed to steal your information.

 

Phishing Email Warning Signs

  • The email may ask for information like usernames, passwords, security codes, or PINs
  • The email may contain links that open unfamiliar or altered websites
  • The emails show urgency, claiming your account is at risk 

Below is an example of a phishing email:

Screenshot of CD Phishing Email Example

The link in the example above leads to a fake login page where entered information can be captured and misused.

 

Other Types of Phishing

In addition to standard phishing emails, attackers may use more targeted techniques like Spear Phishing and Domain Phishing.

Spear Phishing

Spear phishing is a more targeted form of phishing. These emails are crafted to look like legitimate internal or business communications and may:

  • Appear to come from local IT staff, executives, or trusted partners
  • Address you or your organization directly
  • Ask you to click a link or open a website
  • Request password resets or login verification
  • Create urgency or fear
  • Contain minor spelling or grammar errors
  • Closely resemble real corporate emails 

Because they are personalized, spear phishing emails can be harder to detect.

 

Domain Phishing

Domain phishing will trick you into giving up control of your domain or account by sending fake warnings or abuse notices.

Please note that these emails do not come from Crazy Domains, even if they claim to.

If you receive one:

  • Do not click on any links
  • Do not reply
  • Do not call any phone numbers listed in the email

To learn more about phishing and how to spot it, visit our blog for a detailed explanation and additional examples.

 

What To Do if You Receive a Phishing Email

If an email is suspicious:

  • Do not click on any link or download files
  • Delete the email right away

Your security is our top priority. We will never ask for your user ID, password, or credit card information via email or text message.

IMPORTANT. If you receive an unusual email about your Crazy Domains account, always verify it first by signing in directly to your Account Manager —not through an email link.

 

Spoofed Emails

Email spoofing occurs when attackers manipulate email headers to impersonate a trusted sender. Spoofed emails may:

  • Display a familiar sender name, such as a company, bank, or colleague
  • Impersonate someone you know to pressure you into financial transactions or wire transfers
  • Appear legitimate by using logos, branding, and professional formatting
  • Exploit your trust in the sender's identity

 

How To Tell If Your Email Address Was Used in a Spoofing Campaign

You may notice a sudden surge of bounce-back or delivery failure messages. This usually means scammers are using your address as the “From” address—it does not automatically mean your account is compromised.

To be safe:

  • Change your email password immediately
  • View full email headers to spot issues

    Below is a screenshot from an email header:
    Screenshot of CD Spoofing Example from an Email Header

    The “From” address shows [email protected], but the “Reply-To” address is [email protected]. Any reply you send goes to the attacker, not to your boss.

 

How To Avoid Becoming a Spoofing Victim

  • Keep your antivirus software up to date
  • Configure SPF (TXT) records in your DNS
  • Never click links or reply to suspicious emails
  • Check the authenticity of an email. Verify unexpected requests through a separate and trusted channel
  • Change your email password frequently

Once an email is spoofed, it cannot be undone. Bounce-back messages may provide limited technical details, but spoofed emails often originate from infected systems, making the sender difficult to trace.

In some cases, you can identify the sending IP address, check which ISP owns it, and request that it be blacklisted. However, spoofing will remain a risk until stronger email authentication protocols are widely adopted.

 

What To Do If You Receive a Spoofed Email

If you suspect an email is spoofed:

  • Do not reply or click anything
  • Check the actual email address in the message header
  • Use the "report spam" or "phishing" function to flag the email
  • Delete the email once you've reported it

 

Virus-Attached Emails

Virus-infected emails contain malicious code that activates when you:

  • Click a link in the email
  • Download a file or attachment
  • Interact with infected content in the message

Once opened, viruses may spread quickly by sending emails to contacts in your address book, infecting additional devices.

Screenshot of CD Virus Attached Email Example

These attachments may appear as documents, PDFs, or compressed files (.zip) that seem legitimate.

 

What To Do If You Receive a Virus-Attached Email

  • Never open links or attachments
  • Delete the message immediately
  • Block the sender
  • Run antivirus or malware scans if interaction occurred

 

Always Remember

Being able to identify spam, phishing, spoofed, and virus-attached emails is critical to staying safe online. Always exercise caution when checking your emails. Avoid clicking on any links or opening attachments and never reply to suspicious emails.

When in doubt, report them to your email provider and delete them immediately. Stay alert and protect your digital security.

 

 

Loading...