[Guide] Spotting Fake Emails/Phishing Mails (2024)

Hello everyone.

I've seen recently people complaining about people sending fake emails to players in order to get account informations, and I decided that I could do a small guide on how to NOT fall for this. Some of you may find it stupid, but not everyone knows how to not fall for these.

Also, keep in mind that this small guide is NOT limited to Hypixel. It can be applied to ANY mail you get.

For this example, we will use this example :

[Guide] Spotting Fake Emails/Phishing Mails (1)

(It was taken from this thread )

Here are the clues that can make you spot a mail that wants to get into your account, or your purse.

First Clue : The Mail Address

This is the most obvious giveaway of a fake mail. However, it is NEVER a proof that a mail is legitimate. You have no idea how easy it is to change the sender's mail address.

In this example, the mail address is "@[emailprotected]".

And on that example, it's enough to show it is fake.

Hypixel owns the domain "hypixel.net". An official mail from them would not be an @gmail.com mail address, but an @hypixel.net mail address. If someone contacts you with a gmail claiming to be Hypixel Staff, know that they are NOT who they claim to be.


Second Clue : The "Too good to be True" offer.

This is a common technique to get to your informations. They offer you this "one of a kind deal" that seems incredibly nice for a ridiculously low price.

In our example, they offer to PERFECTLY securize your account AND give you compensation if you are hacked.

But you know the saying... "If an offer is to good to be true, it probably isn't".

In this case, you might simply need to ask yourself : "Why me of all people"?
Why would the Hypixel Staff securize YOUR account only? Why not everyone else? And why do they offer compensation like that? This makes no sense, and should raise a few red flags.

Third Clue : The underlying (or obvious) threat

This one is not really present in the example we got. (Although, the "you might be hacked in the future" situation could be seen as such). So it is more of a general case.
If you get a mail from, for example, your bank, saying things such as "You have a problem on your account, you need to login here : [insert link to suspicious website] in order to not lose your money", or something of the same vein, it is something extremely fishy.
In these conditions, go to the website trough Google (Do NOT use the link in the suspicious mail), if there is indeed a problem, you will see it once logged in on the REAL website.

Fourth Clue : The "Limited Time" situation

This one is also unused in our example, BUT it's incredibly common. "You have X hours to do it or you will lose X/have to pay X", or "This very special and absolutely unique offer ends in X hours" are ALL ways to force you to hurry. Because when you are pressed by time, you don't take the time to simply stand back, and ask yourself "Is it really what it seems to be?"
So if they want you to do what they ask as soon as possible, calm down, take your time, and ask yourself : "Are they really who they claim to be?", "Is this really legit?" and "Do I really want that?")

Simply asking yourself these questions is the best way to notice the red flags you would have missed if you were more pressed on being fast than protecting your data.

Fifth Clue : The suspicious link

As stated on the fourth clue, sometimes, the mail contains a link to a website "so you can login and [claim the offer/fix the problem].
Of course, you can inspect the link on itself by putting the mouse over it without clicking (showing where the link redirects to). For example, THIS LINK is a link to the main page of Hypixel.net, and by keeping your cursor over it, you can see the link it redirects to (In Chrome, it appears on the bottom left of the page).
The best way to avoid ALL trouble however, is simply to reach the site without using the link. If there is a problem or a special offer, they WILL tell you this once you're logged in through regular means.
So just open Google and search for the site yourself.

Final Clue : The Username/Password

No legitimate staff member of ANY services (including Hypixel, of course) will EVER ask for your account's credentials..
If they want to change things on your Hypixel account, they don't need your password, they can simply go to their admin tools (or directly on the database, if they don't have said tools), and change what needs to be changed.
As such,
IF SOMEONE ASKS FOR YOUR PASSWORD AND LOGIN (or only password), THEY ARE EITHER PEOPLE TRYING TO STEAL YOUR ACCOUNT OR GROSSLY INCOMPETENT.
And to be fair, be it the first kind or the second, you DO NOT want your password to fall into their hands.
CONCLUSION

Always be careful. Everything above are ways to spot a phishing mail, but I don't have the arrogance to claim that I am all-knowing. I might have missed some points, and if you catch something surpicious, remember that it's not because it's not in my clue list that it is safe.

[Guide] Spotting Fake Emails/Phishing Mails (2024)
Top Articles
Latest Posts
Recommended Articles
Article information

Author: Tyson Zemlak

Last Updated:

Views: 6482

Rating: 4.2 / 5 (43 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Tyson Zemlak

Birthday: 1992-03-17

Address: Apt. 662 96191 Quigley Dam, Kubview, MA 42013

Phone: +441678032891

Job: Community-Services Orchestrator

Hobby: Coffee roasting, Calligraphy, Metalworking, Fashion, Vehicle restoration, Shopping, Photography

Introduction: My name is Tyson Zemlak, I am a excited, light, sparkling, super, open, fair, magnificent person who loves writing and wants to share my knowledge and understanding with you.