A few weeks ago I posted a digital citizenship post suggesting that we teach our students to hover over a link before clicking on it. One way scammers try to fool you is to create emails or websites that look legitimate when they are not.
This morning I received an email telling me that I had sent a $100 iTunes gift card to someone I do not know. The email looked like a legitimate email from Apple. It has logos and formatting that looked very convincing.
Hover Over Links
Of course there is an initial panic that I accidentally did something to send a gift card. Right in the email there is a link that says “Click Here to Cancel this Transaction.” Hovering over this link does not link me to the Apple website. Looking at the destination website, displayed in the left hand corner of my screen when I hover, shows a strange URL that is definitely not legitimate.
The first thing that tipped me off that this was not legitimate (phishing) was that the email address is not the one I use for my iTunes account.
Seeing details I notice that the email is sent from myself. Checking who the sender of an email is can help identify illegitimate emails. Note that sometimes the emails are ALMOST official looking. They may misspell the name of the company they are spoofing. They may also try include the name of the company in the email address, but it is not the official email domain for the company.
It is important that we teach students about scams like this. Take some time in a warm up or integrate into a lesson to talk about how you know email, websites and ad’s are legitimate. It is incredibly easy to create a fake email or fake website that uses logos and formatting that make it “look” good.