With phishing attempts on the rise, our email is an ever-growing target. Be sure to pay attention to the details as well as that feeling when something seems off. If in doubt, here's something you can do to help protect citizen data, our networks, and your email.

On the surface, this looks like it could be legitimate if you were unaware we have unlimited email storage. So, let's say we click the email to open it.

Ah, this is from me, to me according to the sender email address. That seems strange. Could it be an automated email from my account? Perhaps. But again we have unlimited email. So, let's do a check to see where this email really came from.

Click file while you have the email open (not the preview pane of outlook). To open the email fully, just double click it to pop it out.

Click Properties

Then let's look through the Internet headers. What you are looking for is a line that starts with spf= (TIP: you can copy the information in the internet headers section and past it into word, then do a CTRL+F to search for spf=) if that is easier for you.

Notice we scrolled down a ways. Also notice that the spf= result is softfail. It could also be hardfail, or pass. Anything less than pass means it is 99.99% not going to be from who you think it is from regardless of what the from field says when you open the email.

Here's what a legitimate email looks like that was sent from a real tncsa.com email address.

So, when something seems off, this is a quick way to check if the email really did come from the person it appears to come from (note that even if it says pass, that doesn't mean the account hasn't been hacked. It can still pass the spf check and legitimately have been sent using the compromised email account.

If you have doubts, always check with the person via another method such as a phone call to put the issue to rest. Be safe out there!