You received an email that seems legit.
Things you need to do
- Log in to your email.
- Head to your sent items, check the last activity. If you saw malicious activity then the hacker has to access your email account.
- Change your password to 16 characters. Go to password generator.
- Copy the email body and paste it to google search. Read the articles from Reddit and other forums. It will help you a lot to check fake emails.
Note: Steps 1 and 2 are confirmation that they don't have total access to email.
Help The Community To Fight This Fraud Through Reporting The Malicious Email
Checking email header using Messageheader - Google Apps Toolbox
- Learn how what's inside the "show original"
Screenshot the result in Messageheader - Google Apps Toolbox
- Contact the support of your email provider and web hosting. Inform them that you received a suspicious email. Also attached is the screenshot result from the Messageheader - Google Apps Toolbox.
The service providers will check the origin of the fake email and prevent possible harm or exploitation of the system in the future.
Sharing is caring, spread awareness.