Hover Test for Suspicious Emails

Written by Joe Iarocci on 3 Sep 2019

I received this email recently – and I thought I would create a post about how to hover on an email to see if it is legitimate.

I have a Netflix account so when I first looked at this email, it does look legitimate – the logo looks right, with no spelling mistakes.  Let us do the Hover Test on this email to see if there might be a problem.

Even though the name on the sending email is “Netflix”, the email address looks a little strange. It is not Netflix.com or Netflix.ca – It is Netflix-gc.ca.

This does confuse some people as the address has the word Netflix, but when you see hyphenated words like this one, that is a first clue that this could be a problem

Now, let’s go further and do the Hover Test. Simply place your cursor over the link that they provide. In this case, it is a large red button that says “update account now”.

When I place the cursor over the “Update Your account” red button – do not click on the button, just rest the cursor on top; I see the link that this button will send me to if I click on it.

As you can see, the site that I am being sent to a site that is not Netflix but some site named “Chinagroup”.

This fails the legitimate email test. This is obviously a fake site and the email should be deleted

Use this technique on emails that are asking for account or personal information.

END

Short Summary:

A phishing attack is an email in which includes a link to a malicious website that leads the victim into giving up private credentials or financial information. One of the best techniques in determining if an email is a phishing scam is to hover your mouse over the link to determine the full address. While more people are continuing to read emails on a mobile device every year, it is important to understand how to implement this same technique on a smartphone or tablet.