StartMail is now introducing an official badge in the subject line. This badge is an easy and reliable way for you to verify whether an email received from StartMail is genuine.
If you're not sure, check your browser's address bar before you log in and confirm that you're on the startmail.com domain! The full URL of our login page is https://mail.startmail.com/login
This article will tell you more about email spoofing and what to do if you receive a phishing message.
- What is spoofing?
- How can I check whether a message is spoofed?
- How can I distinguish genuine StartMail notifications from fake ones?
- What can I do with suspicious email messages, URLs, email attachments, or files?
What is spoofing?
Spoofing is a fraudulent practice where an email is sent from an unknown source that's disguised as a known source. It's a tactic used in phishing and scam emails to trick you.
A spoofed email address often imitates a friend or business (such as your bank or even us: StartMail!). It commonly occurs in spam messages and is something to be aware of, especially when the content of the message does not appear to be something that the person or business in the ‘From’ field would send.
A spoofed message tries to convince you that the email attachment is safe to open, or that you should follow a link to activate something. It then often asks you to log in or provide bank information on a hacked website, or asks you to reply with personal details.
The spoofer is then able to use this information for criminal activities (such as identity theft, changing the contact details, or accessing your bank account).
How can I check whether a message is spoofed?
- Think critically about the content of the email. If the content seems out of character given the source, or asks for unneeded sensitive information, please contact the legitimate source to verify whether the message is genuine.
- If a message is not specifically addressed to you, be very careful, and do not open any attachments or URLs in the email. One way to determine if a link is trustworthy is by hovering over it with your mouse. When doing so, most browsers will display the full URL behind the hyperlinked text. If the URL does not match the page it is supposed to direct to, it is likely malicious.
In common cases of phishing, you are tricked into giving away your StartMail email login credentials, or into logging in to your account by clicking on a URL in the email.
- When you log in to your StartMail account, make sure to check the address bar to confirm that you are on the startmail.com or mail.startmail.com domain!
- If you receive this type of message, you can simply delete the message (or first mark the message as spam and then delete it).
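The address check from the steps above, written out as code. This is an added example, not StartMail's own code: only startmail.com and the login URL come from this article, while the function names and all other URLs are constructed for illustration.

```javascript
// Added example. The trusted domain comes from the article; every other
// URL used with these functions is constructed for illustration.
const TRUSTED_DOMAIN = "startmail.com";

// Decide whether a link target really points at startmail.com over HTTPS.
function checkLinkTarget(href) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return { ok: false, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not an https link" };
  }
  // "https://mail.startmail.com@example.net/" goes to example.net: the part
  // before "@" is a user name, not the host.
  if (url.username || url.password) {
    return { ok: false, reason: "user info before the host" };
  }
  const host = url.hostname; // lower-cased and punycode-encoded by the parser
  if (host === TRUSTED_DOMAIN || host.endsWith("." + TRUSTED_DOMAIN)) {
    return { ok: true, reason: "host is on " + TRUSTED_DOMAIN };
  }
  return { ok: false, reason: "host " + host + " is not on " + TRUSTED_DOMAIN };
}

// If the visible link text itself looks like a URL, return the host it shows.
function displayedHost(text) {
  const m = text.trim().match(/^(?:https?:\/\/)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)(?=[\/:?#]|$)/i);
  return m ? m[1].toLowerCase() : null;
}

// Combine both checks: where the link goes, and whether the text shown to
// the reader names a different host than the real target (the hover test).
function assessLink(text, href) {
  const target = checkLinkTarget(href);
  const shown = displayedHost(text);
  let mismatch = false;
  if (shown !== null) {
    try {
      mismatch = new URL(href).hostname !== shown;
    } catch {
      mismatch = true;
    }
  }
  return { ok: target.ok && !mismatch, reason: target.reason, mismatch };
}
```

The comparison is made on the parsed host name, so a trusted name that appears only as a prefix of the host or before an "@" does not pass.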
Some examples of this type of phishing are listed below:
How can I distinguish genuine StartMail notifications from fake ones?
Fraudulent emails that link to phishing websites in order to steal personal login credentials or banking information are becoming more and more elaborate in their design. As a result, it is becoming increasingly difficult for our customers to distinguish these fake emails from official StartMail emails.
That is why we at StartMail have introduced our official StartMail sign. From now on, a glance at the subject line reveals whether an email is really from StartMail!
Please note that the official StartMail sign will only be visible in our webmail interface. If you use an IMAP connection to your StartMail account, we recommend that you log into your webmail interface to check the authenticity of StartMail emails.
What can I do with suspicious email messages, URLs, email attachments, or files?
Report the message to our Security Team for further inspection. This helps to protect you and other users.
When you consent to a phishing report, a full forensic copy of the email (including the body content, headers, attachments and metadata) is sent to our engineers for further inspection.
This allows us to thoroughly analyze the message(s) and improve the detection of similar emails passing through our servers, protecting you and other users in the future.
Your message is held in secured and audited data centers in the Netherlands.
The investigation of the phishing message(s), including their content and attachments, will only be carried out within the responsible team.
All information will be deleted as soon as it is no longer required.
Note that inspection only applies to the messages reported as phishing, and of course not to your other (private) emails.
Reporting a message for phishing will also mark it as spam to improve your own/personal spam filter database, stored along with your emails in your encrypted vault. After reporting, you will find the message in the 'Junk' folder.
Follow these steps to send a phishing report:
- Open the email, click on the three dots > Report phishing.
- Confirm sending the email by clicking Report.
- Your email was sent successfully when you see this confirmation.