
LuckyCharms

(17,444 posts)
Thu Jun 16, 2022, 11:34 AM Jun 2022

Something I don't understand. Re: Phishing schemes.

For the past 20 years or so, we have had it drilled into our heads that we are to NEVER click on a link directly from an email. This is because the sender of the email may actually not be your credit union, or your broker, or Amazon, or whomever. The sender may actually be spoofing the colors, format and overall design of the legitimate organization, and when you click on the link or button provided in an email, it takes you to another spoofed site, where you end up providing your personal information to some unknown entity, who then steals your info.

Last week, I received an email that appeared to be from my broker. It looked perfectly legitimate. I forget what they were asking me to do, but in order to do it, you had to click on a button within the email. I didn't click it, but rather, I phoned my broker to see if the email was legitimate. I confirmed it was indeed legitimate, so I went on a polite rant with the customer service person, and asked him to escalate my complaint up the chain of command. Something like "You guys send me several emails monthly which tell me to be cautious about potential phishing schemes, and then you send me an email that asks me to blindly click on a button, without providing a link. What you should be doing instead is instructing me to sign into my account, and you should provide guidance on what to click on once I'm in my account as to where to find the information you are telling me about in your email".

Exact same thing with my credit union this morning. Loan offer. Click the button within the email. I called them as well, and gave them the same speech.

What am I missing here? It seems that some institutions have started doing this relatively recently.


Phoenix61

(17,006 posts)
1. Check who the e-mail is from before clicking on a link.
Thu Jun 16, 2022, 11:39 AM
Jun 2022

It doesn’t matter what the name is; what matters is what shows when you click on the From link.

emulatorloo

(44,131 posts)
8. No. You don't click the link. You look at the sender's actual email address to see if it is legit
Thu Jun 16, 2022, 12:12 PM
Jun 2022

Your email program has a way for you to see the sender’s actual email address

LuckyCharms

(17,444 posts)
9. Agree, but
Thu Jun 16, 2022, 12:19 PM
Jun 2022

what I am saying is that the email address could look legit, but isn't.

I think a test as suggested by teach1st down thread is a good idea.

emulatorloo

(44,131 posts)
11. It is usually a bunch of numbers or something like the legit business name but the wrong suffix, i.e.
Thu Jun 16, 2022, 12:52 PM
Jun 2022

Company’s real address: whammy.com

Fake address: whammy.net

Phoenix61

(17,006 posts)
14. For any e-mail I've gotten when I click on 'From'
Thu Jun 16, 2022, 09:11 PM
Jun 2022

it shows the e-mail address of the sender.
For example, I got an e-mail

From: Noreply
To : (my e-mail address)

The text has the PayPal logo and under it is a confirmation number and under that is the date.
Some more text thanking me for my order…that I never made.
So I click on the From and it’s really from gillybenson2@gmail.com .
Obviously not from PayPal.
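
A scripted version of the check the replies above describe (look at the address behind the display name, then compare its domain with the one the brand really sends from). This is an added example, not anything posted in the thread. The brand-to-domain table and the freemail list are constructed, "whammy" is the thread's placeholder name, and registrable_domain() is a two-label shortcut standing in for a Public Suffix List lookup. Python's email.utils.parseaddr does the separating of display name from address:

```python
"""Look past the display name to the address an e-mail is really from.

Added example (not from the thread). KNOWN_BRAND_DOMAINS is a constructed,
hypothetical table; registrable_domain() uses a two-label shortcut instead of
the Public Suffix List, so it is wrong for suffixes like .co.uk.
"""
from email.utils import parseaddr
from typing import Optional, Tuple

# Constructed: which domains each brand actually sends from ("whammy" is the
# placeholder name used in the thread).
KNOWN_BRAND_DOMAINS = {
    "paypal": {"paypal.com"},
    "whammy": {"whammy.com"},
}
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}


def registrable_domain(host: str) -> str:
    """mail.whammy.com -> whammy.com (two-label shortcut, see module docstring)."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def classify_sender(from_header: str,
                    claimed_brand: Optional[str] = None) -> Tuple[str, str]:
    """Return (verdict, reason) for a raw From: header value.

    verdict is 'ok', 'suspicious' or 'unknown'. claimed_brand is what the
    body or logo claims when the display name does not (the "Noreply" case).
    Caveat: a forged From: that exactly matches the real domain passes here;
    only SPF/DKIM/DMARC results from your own receiving server catch that.
    """
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return "suspicious", "no parseable address in From:"
    host = addr.rsplit("@", 1)[1].lower()
    domain = registrable_domain(host)

    # Trick 1: a display name that is itself an address,
    #   "service@paypal.com" <attacker@evil.example>
    # The client shows the quoted name; the mail comes from the angle brackets.
    if "@" in display:
        shown = registrable_domain(display.rsplit("@", 1)[1])
        if shown != domain:
            return "suspicious", f"display name shows @{shown} but address is @{host}"

    # Which brand is the mail claiming to be?
    claims = {b for b in KNOWN_BRAND_DOMAINS if b in display.lower() or b in domain}
    if claimed_brand:
        claims.add(claimed_brand.lower())
    if not claims:
        return "unknown", f"no known brand claimed; address is @{host}"

    for brand in sorted(claims):
        expected = KNOWN_BRAND_DOMAINS.get(brand, set())
        if domain in expected:
            return "ok", f"{brand} mail from {addr}"
        # Trick 2: right brand, freemail provider (the PayPal-logo-from-gmail case)
        if domain in FREEMAIL:
            return "suspicious", f"claims {brand} but sent from freemail @{host}"
        # Trick 3: right label, wrong suffix (whammy.net instead of whammy.com)
        if domain.split(".")[0] == brand:
            return "suspicious", f"lookalike {domain}; {brand} mails from {sorted(expected)}"
    return "suspicious", f"claims {sorted(claims)} but sent from @{host}"


if __name__ == "__main__":
    for hdr, brand in [("PayPal <service@paypal.com>", None),
                       ("Noreply <gillybenson2@gmail.com>", "paypal"),
                       ("Whammy Support <support@whammy.net>", None),
                       ('"service@paypal.com" <attacker@evil.example>', None)]:
        print(hdr, "->", classify_sender(hdr, brand))
```

What this cannot do is the important part: a From: that matches the real domain exactly can still be forged, and only the SPF/DKIM/DMARC results your own mail provider records in the headers tell you whether the mail actually came from that domain.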

relayerbob

(6,544 posts)
3. The world is not as black and white as you might prefer
Thu Jun 16, 2022, 11:45 AM
Jun 2022

It’s quite easy to confirm whether an email is coming from a legit account. I get hundreds of emails a day, and many of them have buttons to click through to something they are trying to do. Being cautious doesn’t require freaking out over every button in every email. Nothing new. Check the source, and if it doesn’t seem legit, call, or email to check. Otherwise, most major corporations have “phishing@companyemailname.xxx” places to send crap to. Use them.

LuckyCharms

(17,444 posts)
5. Well, I'm not freaking out at all,
Thu Jun 16, 2022, 11:50 AM
Jun 2022

but what I am doing is pointing out some irony.

My broker is not Vanguard, but let's assume it is. Let's say their legitimate web site is Vanguard.com. I receive a non-legitimate email from marketing.vanguard@xxxx.com. I click on a link within that email, which takes me to a spoofed URL of marketing.vanguard.com.

Could that be a legitimate URL? Maybe, maybe not.
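
The subdomain question above, as an added example that is not from the thread: pull every link out of an HTML body and compare its host with the institution's real registrable domain. A host under vanguard.com (marketing.vanguard.com) is the institution's to control; vanguard.xxxx.com, vanguard.com.something.example and a bare IP address are not, and the visible link text can say one thing while the href goes somewhere else, which is why "hover first" is the usual advice. The HTML body is constructed from the thread's placeholder names, and registrable_domain() is a two-label shortcut rather than a Public Suffix List lookup:

```python
"""Check where the buttons in an HTML e-mail actually point.

Added example (not from the thread). The HTML body is constructed around the
thread's placeholders (vanguard.com as the real site, xxxx.com as the
stranger's domain); registrable_domain() is a two-label shortcut rather than
the Public Suffix List, so it is wrong for suffixes such as .co.uk.
"""
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urlparse


def registrable_domain(host: str) -> str:
    """marketing.vanguard.com -> vanguard.com; vanguard.xxxx.com -> xxxx.com."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""
    def __init__(self) -> None:
        super().__init__()
        self.links: List[Tuple[str, str]] = []
        self._href: Optional[str] = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_in_text(text: str) -> Optional[str]:
    """If the visible link text looks like a URL or hostname, return its host."""
    t = text.strip()
    if " " in t or "." not in t:
        return None
    if "://" not in t:
        t = "https://" + t
    return (urlparse(t).hostname or "").lower() or None


def check_link(href: str, text: str, legit_domain: str) -> Tuple[str, str]:
    """Return (verdict, reason) for one link against the institution's real domain.

    A host under legit_domain (marketing.vanguard.com) is controlled by the
    institution; the brand name appearing anywhere else in the host is not.
    """
    url = urlparse(href)
    host = (url.hostname or "").lower()
    if url.scheme not in ("http", "https") or not host:
        return "suspicious", f"non-web or hostless link: {href!r}"
    if host.replace(".", "").isdigit():
        return "suspicious", f"link to a raw IP address {host}"
    shown = host_in_text(text)
    if shown and registrable_domain(shown) != registrable_domain(host):
        return "suspicious", f"text shows {shown} but the link goes to {host}"
    if registrable_domain(host) != legit_domain:
        return "suspicious", f"{host} is not under {legit_domain}"
    if url.scheme != "https":
        return "suspicious", f"plain http link to {host}"
    if host == legit_domain:
        return "ok", f"{host} is the expected domain"
    return "ok", f"{host} is a subdomain of {legit_domain}"


def scan_email(html: str, legit_domain: str) -> List[Tuple[str, str, str]]:
    """(href, verdict, reason) for each link in the body."""
    collector = LinkCollector()
    collector.feed(html)
    return [(href, *check_link(href, text, legit_domain)) for href, text in collector.links]


# Constructed HTML body: one real subdomain link and three shapes of lookalike.
EMAIL_HTML = """
<p>Your new statement is ready.</p>
<a href="https://marketing.vanguard.com/statements?id=1">View statement</a>
<a href="https://vanguard.xxxx.com/login">Sign in</a>
<a href="https://vanguard.com.account-verify.example/login">https://vanguard.com/login</a>
<a href="http://203.0.113.7/login">Confirm now</a>
"""

if __name__ == "__main__":
    for href, v, why in scan_email(EMAIL_HTML, "vanguard.com"):
        print(f"{v:10s} {href}  ({why})")
```

An "ok" verdict only says the host belongs to the institution, not that the page behind it is safe (an open redirect on the real site, for instance, would pass), so a passing link still deserves the treatment the thread recommends: go to the site yourself rather than through the button.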

Farmer-Rick

(10,185 posts)
4. It's don't do as I do, do as I say
Thu Jun 16, 2022, 11:47 AM
Jun 2022

I got a call from my bank asking for my password. I hung up and called their office number. Turns out they had called me to warn me of some suspicious activity on my card. I told them why I hung up. They agreed that was a smart move, but the next time, they did the same thing.

I will continue to hang up on them and call the number I know. But it's weird that they do what they say they won't do.

teach1st

(5,935 posts)
6. You're right
Thu Jun 16, 2022, 12:01 PM
Jun 2022

Companies that warn about phishing and then send button links aren't thinking. You mentioned the best practice: companies should tell you to log into your account and then once you're in, should display a prominent link to whatever it is they want you to do. Some do that. Some don't.

If you use Gmail, you can click on the three dots to the right of the reply button near the top. Then choose "Show Original." The full headers of the email show up in a new tab, making it fairly easy to see who the email is really from. In addition, the headers include some security tests like this:

SPF: PASS with IP 54.240.63.213
DKIM: 'PASS' with domain washingtonpost.com
DMARC: 'PASS'

Exercise caution should one of the tests FAIL, even though that doesn't necessarily mean it's a bogus email. Most email clients allow the user to see the full headers.
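
The header lines quoted above, read by code. This is an added example, not part of the post: it parses the Authentication-Results header that the receiving server wrote (Gmail's mx.google.com in the excerpt), reports the SPF, DKIM and DMARC results, and checks that the domain that passed is the From: domain, which is the alignment condition DMARC adds on top of a bare SPF or DKIM pass. It ignores Authentication-Results lines carrying any other authserv-id, because a sender can add one of those before the mail ever leaves. The two raw messages are constructed: the washingtonpost.com domain and 54.240.63.213 are the values in the post, while the addresses, selectors and evil.example are made up, and registrable_domain() is a two-label shortcut rather than a Public Suffix List lookup:

```python
"""Read the SPF/DKIM/DMARC results your mail provider wrote into the headers.

Added example (not from the thread). The two raw messages are constructed;
the washingtonpost.com domain and 54.240.63.213 come from the header excerpt
in the post above, everything else (addresses, selectors, evil.example) is made
up. registrable_domain() is a two-label shortcut, not the Public Suffix List.
"""
import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr
from typing import Dict, List, Tuple

_COMMENT = re.compile(r"\([^()]*\)")   # (comments) in Authentication-Results; no nesting handled


def registrable_domain(host: str) -> str:
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def parse_auth_results(value: str) -> Tuple[str, List[Dict[str, str]]]:
    """Split one Authentication-Results value into (authserv-id, method dicts).

    Each dict has 'method', 'result' and the key=value properties that follow
    (header.i, header.d, smtp.mailfrom, header.from, ...).
    """
    parts = [p.strip() for p in _COMMENT.sub(" ", value).split(";") if p.strip()]
    authserv = parts[0].split()[0].lower() if parts else ""
    methods = []
    for stanza in parts[1:]:
        tokens = stanza.split()
        if "=" not in tokens[0]:
            continue
        method, result = tokens[0].split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        methods.append({"method": method.lower(), "result": result.lower(), **props})
    return authserv, methods


def auth_summary(raw_message: str, trusted_authserv: str) -> Dict[str, object]:
    """Evaluate only the Authentication-Results stanza added by trusted_authserv.

    Anyone can put an Authentication-Results header in a message before it is
    sent (RFC 8601 tells receivers to strip ones that claim their own name, but
    not every provider does), so results under any other authserv-id are ignored.
    'aligned' means the domain that passed is the From: domain, the extra
    condition DMARC adds on top of a bare SPF or DKIM pass.
    """
    msg = message_from_string(raw_message, policy=default)
    from_addr = parseaddr(str(msg.get("From", "")))[1]
    from_domain = registrable_domain(from_addr.rsplit("@", 1)[-1])
    s: Dict[str, object] = {"from_domain": from_domain, "trusted_header": False,
                            "spf": "none", "dkim": "none", "dmarc": "none",
                            "spf_aligned": False, "dkim_aligned": False}
    for value in msg.get_all("Authentication-Results", []):
        authserv, methods = parse_auth_results(str(value))
        if authserv != trusted_authserv.lower():
            continue
        s["trusted_header"] = True
        for m in methods:
            if m["method"] == "spf":
                s["spf"] = m["result"]
                mail_from = m.get("smtp.mailfrom", "")
                s["spf_aligned"] = (m["result"] == "pass" and
                                    registrable_domain(mail_from.rsplit("@", 1)[-1]) == from_domain)
            elif m["method"] == "dkim":
                d = m.get("header.d") or m.get("header.i", "").rsplit("@", 1)[-1]
                if m["result"] == "pass" and d and registrable_domain(d) == from_domain:
                    s["dkim"], s["dkim_aligned"] = "pass", True   # one aligned signature is enough
                elif s["dkim"] != "pass":
                    s["dkim"] = m["result"]
            elif m["method"] == "dmarc":
                s["dmarc"] = m["result"]
    return s


def verdict(s: Dict[str, object]) -> str:
    if not s["trusted_header"]:
        return "unknown: no Authentication-Results from the trusted receiver"
    if s["dmarc"] == "pass":
        return f"authenticated: DMARC pass for {s['from_domain']}"
    if s["dkim_aligned"] or s["spf_aligned"]:
        return "probably ok: aligned SPF or DKIM pass, DMARC not evaluated"
    # A fail is not proof of forgery (forwarding and mailing lists break SPF),
    # but it is the cue to confirm with the sender out of band.
    return f"caution: nothing authenticates {s['from_domain']}; confirm out of band"


# Constructed messages. GOOD is shaped like the header excerpt in the post;
# BAD carries an attacker-supplied Authentication-Results line plus the real
# one written by the receiver, in which nothing aligns with the From: domain.
GOOD = """\
From: Newsletter <news@washingtonpost.com>
To: reader@gmail.com
Subject: Today's headlines
Authentication-Results: mx.google.com;
       dkim=pass header.i=@washingtonpost.com header.s=s1 header.b=AbC123;
       spf=pass (google.com: domain of bounce@washingtonpost.com designates 54.240.63.213 as permitted sender) smtp.mailfrom=bounce@washingtonpost.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=washingtonpost.com

Headlines go here.
"""

BAD = """\
From: PayPal <service@paypal.com>
To: reader@gmail.com
Subject: Your order confirmation
Authentication-Results: evil.example; spf=pass; dkim=pass header.i=@paypal.com; dmarc=pass
Authentication-Results: mx.google.com;
       dkim=pass header.i=@evil.example header.s=s1 header.b=ZzZ999;
       spf=pass (google.com: domain of bounce@evil.example designates 203.0.113.5 as permitted sender) smtp.mailfrom=bounce@evil.example;
       dmarc=fail (p=REJECT sp=REJECT dis=NONE) header.from=paypal.com

Thank you for your order.
"""

if __name__ == "__main__":
    for name, raw in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, verdict(auth_summary(raw, "mx.google.com")))
```

The BAD message is the instructive one: both its SPF and DKIM say "pass", and its own forged Authentication-Results line says everything passed, but the receiver's stanza shows the passes belong to evil.example rather than the paypal.com in From:, so DMARC fails and the verdict is caution. That is also why the post's advice holds in the other direction: a DMARC fail on a forwarded newsletter is not proof of forgery, just the cue to check with the sender some other way.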

yellowdogintexas

(22,264 posts)
17. if you have Yahoo! email, hover over the sender and the source email will show
Fri Jun 17, 2022, 04:01 PM
Jun 2022

Spam emails are often long strings of nonsensical numbers and letters. Check the box on the left and hit the spam button.

I sometimes get 2 or 3 daily from McAfee.

Another clue is the font used in the subject line. You might see an assortment of font shapes, bolding etc

grumpyduck

(6,240 posts)
10. For me, standard practice
Thu Jun 16, 2022, 12:43 PM
Jun 2022

is to just go to their web site and log in.

I don't have a clue why some companies do this, but my wild guess is a lack of internal communication or a lack of proper training.

Lettuce Be

(2,336 posts)
12. You did the right thing. I've done it too
Thu Jun 16, 2022, 01:13 PM
Jun 2022

Do not send clickable links, ever, should be the holy grail of all banking, investment and probably many more companies. When they do, I still refuse to use them, and usually send a comment complaining about it.

malthaussen

(17,202 posts)
13. Two different departments that don't talk to each other.
Thu Jun 16, 2022, 01:31 PM
Jun 2022

That's my guess. The security wogs are all exiled to the basement office with no carpets, because they don't create revenue. Meanwhile, those who do create revenue have the plush offices on the 96th floor, and they come up with all the "great" ideas to "simplify" your experience and generate still more revenue. It wouldn't occur to them to run these ideas past the slobs in the basement.

-- Mal

dickthegrouch

(3,174 posts)
15. Other tricks for suspect mail
Thu Jun 16, 2022, 10:32 PM
Jun 2022

Put it into the spam or junk folder before opening it. At least Outlook and the Xfinity mail browser reader disable and reveal all links in the mail if it's in that folder. Then you can decide if you like them and move them back to the regular folder if you wish.

For users of the Xfinity mail in a regular browser: there are three horizontal bars which allow "more actions", one of which is "View source". It is very useful if you're sending complaint mail to abuse@domainname to include those headers so they can trace the source and disable the account.

Skittles

(153,169 posts)
16. had the same thing happen at work
Fri Jun 17, 2022, 01:10 AM
Jun 2022

A contractor complained that none of us had followed the instructions in an email, but we weren't familiar with him, it essentially said "click this link and follow directions", and there was even a spelling error. EVERYONE deleted it.
