What is the biggest factor when determining the legitimacy of an email?

The sender45%

Spelling Errors38%

Relevancy / Personal Details13%

Other (Share below)2%


3.5k views4 Comments

Director, Information Security in Education, 1,001 - 5,000 employees
A combination of the sender and relevancy/details with a bit more emphasis on the latter. I’ve seen enough accounts compromised (or spoofed with insufficient SPF/DMARC) that sender alone isn’t reliable.

Spelling or grammar may be helpful but the context of the relevancy is more important there. Someone may not be a native English speaker or they may be neurodivergent, explaining such. However, if the message is supposedly an automated message from a bank, a government agency, etc spelling and grammar are helpful. Less so when sent from individuals.
Director of Technology Strategy in Services (non-Government), 2 - 10 employees
That it was expected.
Head of IT and Security in Finance (non-banking), 51 - 200 employees
All of the above!
Director in Manufacturing, 1,001 - 5,000 employees
Add SMTP full address to the list

SMTP header for actual domain that sent it. In the olden days you could look at a message header easily and see that it cam from a false domain or used an unsecured SMTP relay host.

Content you might like

Yes – very optimistic!32%

Yes – mildly optimistic.55%


I’m not sure6%


2.9k views1 Upvote

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
44.2k views132 Upvotes320 Comments