Fighting Spam can require every weapon in your arsenal. This means, the larger your arsenal is, the better chance you have of combating the eternal war against Spam.

Google targeted this email for me long before I noticed it was in my in box. What did they do for me? Besides routing the email to spam, they also noted the email.  Spam

But what if Google hadn’t recognized this email? There are a few things to always check prior to clicking any link in an email.

  • Flag 1. Do you have an account with this company?
  • Flag 2. Does the email address displayed actually match the email address which sent the email? By clicking the down arrow to the right of the date, you will be given the option to “show original.” By showing the original Email  I have gained access to the Header of the Email which will give a wealth of information.

Delivered-To: My Email address here
Received: by 10.76.143.194 with SMTP id sg2csp71045oab;
Sat, 23 Mar 2013 13:24:11 -0700 (PDT)
X-Received: by 10.60.165.72 with SMTP id yw8mr6025054oeb.7.1364070251291;
Sat, 23 Mar 2013 13:24:11 -0700 (PDT)
Return-Path: <noreply@bankofamerica.com>
Received: from smtp.newsguy.com (smtp.newsguy.com. [74.209.136.69])
by mx.google.com with ESMTPS id m1si5728298obw.159.2013.03.23.13.24.10
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Sat, 23 Mar 2013 13:24:11 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning noreply@bankofamerica.com does not designate 74.209.136.69 as permitted sender) client-ip=74.209.136.69;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning noreply@bankofamerica.com does not designate 74.209.136.69 as permitted sender) smtp.mail=noreply@bankofamerica.com
Received: from User (host172.190-30-245.telecom.net.ar [190.30.245.172])
(authenticated bits=0)
by smtp.newsguy.com (8.14.3/8.14.3) with ESMTP id r2NKNtMc033932;
Sat, 23 Mar 2013 13:24:04 -0700 (PDT)
(envelope-from noreply@bankofamerica.com)

The contents of the header itself are telling you that Bank of America states that the IP Address the email originated from is not authorized. But what about that link in the email? Isn’t that legitimate? No, it’s not. While still looking at the original, you can find the coding that is used for the link. Guess what? You are about to be sent to another web address that does not belong to Bank of America.

Please sign in to online banking at <a href=”http://bargamon.com/love/bofa/bola/BankofAmerica.Com/index.html” rel=”nofollow”>www.bankofamerica.com</a> to review your account activity, and then call us immediately at 602.597.2395. We will review and verify the activity on your account with you and take necessary steps to protect your account from fraud.<br />
<br />
Please disregard this notice if you have already verify your account. <br />
<br />
Want to confirm this email is from Bank of America? Sign in to <a href=”http://bargamon.com/love/bofa/bola/BankofAmerica.Com/index.html”>Online Banking</a> or Click <a href=”http://bargamon.com/love/bofa/bola/BankofAmerica.Com/index.html”>Alerts</a>. The Alerts History lists the Alerts sent to you in the past 60 days.</td>