Today, I received numerous forwards of an email that apparently comes from eNom. If you receive this email, delete it, it is a scam.

The rest of this article will cover a few low-tech tips anyone can use to identify similar emails.

This is fine for me to tell you, but how would you have determined this for yourself?

Dead Giveaways

This email appears to be legitimate; it comes from an enom.com email address (enom is a major, reputable seller of Internet domain names), and has a sufficient amount of convincing technobabble. However, there are a couple of highly suspicious bits, here:

1. They say the main site (www.enom.com) is going to be down; why would they give you a link to www.enom.com to access your account?
2. Why would you need to access your account in this case anyway?
3. The grammar in the email is spotless, except for the line about the account information: “For access your account follow this link” — most likely, the phisher (and apparently, bad grammarian) took a real email from eNom, and added this line.
4. Most damning, but also least obvious (and the hallmark trait of a phishing email) is that the link appears to go to http://www.enom.com/, but if you hover over the link in most email programs, you’ll see the real destination:

Instead of going to www.enom.com, you will be taken to www.enom.comsys52.net. Most modern email programs and web browsers have technology to attempt to detect this, but the technology is not perfect. And, phishers’ nefarious livelihood depends on exploiting any weakness in such systems. So, your best defense is always to be aware of the risks, and learn to pick up on these “phishy” characteristics.

If in doubt, always err on the side of caution; avoid clicking links in emails–instead, go to the company’s web site from your browser’s bookmarks, or look them up and give them a call if you feel they may actually need some information from you.