Red Flag - Check Email Addresses
Home Insights Security Tip: Check Email Addresses in Suspect Messages

Security Tip: Check Email Addresses in Suspect Messages

by Brett M. Christensen

One way to help identify a message as a suspected scam is to check the email addresses it uses.

Businesses Use Email Addresses That Reflect Their Name

Legitimate businesses will almost always use custom email addresses that reflect their business name. They will not use free email addresses provided by Gmail, Yahoo or other ad-supported email service providers.

For example, online payment service PayPal, often the target of scammers, corresponds with customers using email addresses that have “” after the @ symbol (“”).  If you receive an email that looks like it is from PayPal but has a sender email address such as “”, you will immediately know that the message is fraudulent.

Scam emails often ask you to make contact using a specified email address. Again, these email addresses can raise red flags.

For example, in a scam email falsely claiming to be from Warren Buffett that I recently wrote about, “Mr Buffet” used a free Yahoo email address. And the “bank” mentioned in the scam email asked you to make contact via an AOL email address.

In fact, emails connected to Warren Buffet’s charitable activities would use official email addresses belonging to the relevant foundation or charity. They would never use free Yahoo email addresses. And a legitimate bank would always use a custom email address such as “service@[bank-name].com”.

Scammer Email Address Tricks

Scammers often try to make their bogus email addresses appear legitimate by using the targetted company’s name somewhere in the address, such as with the “” address mentioned above. Sometimes, they may even use a custom address such as “” to increase the likelihood that recipients will believe the email is genuine.

Caveat – Email Spoofing

All that said, keep in mind that some scams use email spoofing to make it appear that an email really did originate with the targetted company.  In other words, the email that you see in the “Sender” field may appear genuine (“”) when, underneath, it may be an entirely different address ([scammer’s name]

Thus, checking email addresses should only be one of the methods you use to ascertain an email’s legitimacy. You should also watch out for other potential indicators such as poor spelling and grammar, dodgy web addresses, demands that you click a link or open an attachment and provide sensitive information, urgent or threatening tone,  unlikely claims, and more. 


Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,