Does that email pass the smell test?

We get lots of email messages every day. How do you tell what's a fake (and likely to try to hurt you) and what's not? Carnegie Mellon's Software Engineering Institute produced a set of checks that are still valid. It's the KREVS "test".

• The Know test. Do you already know the sender?
• The Received test. Have you received safe emails from the sender before?
• The Expect test. If the email has an attachment, were you expecting to get it?
• The Virus test. Does the message pass a virus-check? (Make sure your Antivirus program also checks your email messages).
• The Sense test. Does it look right? Are there unexpected misspellings? Does it "smell" in any way?

If an email messages fails any of the above tests, delete it. Even if an email messages passes all 5 tests above, it still might be malicious. Be paranoid; the "bad guys" really are out to get you. Criminal attack attempts using email are increasing rapidly.

If the email is from a person you already know, still be careful. Call them and see if they really sent any unexpected attachment.