The “Hover Check”: Spot Phishing Emails Quickly & Prevent Identity Theft Easily

According to, there are 180 identity thefts happening every minute. Think about that! Every 1/3rd of a second, someone’s identity is stolen. But with some very basic knowledge, you can reduce your risks.

One way criminals are stealing identities is by using emails that try to fool recipients into giving away their personal information. This style of crime is more common than ever and the crooks are getting smarter, so you need to get smarter too. Below, I tell you how to spot these illegitimate emails very easily and quickly.

A common purpose of phishing emails is to steal your credit card information. Phishing emails have become more dangerous lately because they have developed better disguises to hide their true purpose. Because you’re more likely to think they’re legitimate, phishing emails typically appear to come from banks or insurance companies. These are the most dangerous. As a general rule, you should always be skeptical and proceed with caution when you receive an unsolicited message appearing as if it came from a company you do business with.

The Hover Check:
When you get one of these types of emails, try performing this one simple test I call the “Hover Check”. In the questionable email, hold your mouse over the link that is provided to “update records”, for instance, without clicking it. The actual URL address should appear in a pop-up. Examine this address to determine where it is truly going to take you if you do click on it. Remember, DON’T click on it. Just let your mouse rest over the link until the address pops up and then examine it. If it’s not going to the website of the company they’re claiming to be, the link is most likely dangerous and at the very least, an attempt to get your personal information.

Pay Attention to Sub Domains. Now if you don’t know what I’m talking about and know nothing about URLs and what to look for, here’s a quick lesson. Web pages begin with “http://”. They are followed by the domain name, such as “”. The “www” that precedes a domain name is really a “subdomain”. “www” simply stands for world wide web, but subdomains can really be anything and more and more often are. Google for instance uses subdomains frequently, to give one the ability to direct requests to other web services they provide. For instance, for maps the URL address is To search news, it’s, and so forth. One thing most people don’t know is that you can have as many layers of subdomains as you want. For instance, is not a Key Bank link. The domain name is really “”, and so whoever controls this domain name controls the pages that display when you click on their links. Instead of .com being used as the extension, “eu” is used, which means it’s a European domain name. There are actually hundreds of domain name extensions. You probably know only the most common ones like .com, .net, .edu, .org, .info, etc. But nearly every country in the world has its own domain designation.

Another simple test when examining whether or not you’re on a legitimate page asking for personal information is to see if the URL address starts with “https”, where the “s” indicates that it’s a secure page. As a rule, do not provide any personal information unless the page is secure as indicated by the address beginning with https.

What should you do with the email when you determine that it’s illegitimate? Certainly, you should delete it, but only after defining the email as spam. However, with most basic spam filters, if you define an email as spam you will be preventing legitimate notices from this business from getting messages through to you. Most phishing emails are sent with a legitimate email address as a part of their disguise. Our Systems Administrators here at iNamics know how to stop these emails in better ways from getting through. They define certain rules at higher levels of our spam filtration system that stop these emails without specifically saying to stop all emails coming from any particular email address, as many basic spam filters do. I suggest you notify your email administrator so they can work to prevent any other similar emails, once discovered, from getting through to you.

Leave a Comment