Tutorial:
Checking an email in 5 steps
Summary of the results
For a definite rating of an email, in case Delphish didn't already identify it as Phishing, it is always necessary to consider all the results at large. A single alarm signal can be coincidence. The decision about whether an email is Phishing or whether it's rated as harmless, is actually made by you, on the basis of the information Delphish gave you.
Here is a summary of the most important alarm signals:
- The domain is hosted in a country, that doesn't seem to fit to the alleged link destination or the actual content of the email.
- The specified link text in the email doesn't match the actual domain.
- The domain owner is not the person that you expect.
- The domain has no or a very low popularity, i. e. almost no other sites link to this domain.
If you have no reason to doubt the authenticity of the email after the analysis, you should still always be cautious in the internet and look out for all alarm signals. Banks e.g. never request you to submit your credentials through email, just like an online auction house would never do that.
1. signal: Country, where the domain is hosted
2. signal: wrong link specified
3. signal: unexpected domain owner
4. signal: The domain popularity is low or very low