The actual structure of an email consists of several elements. First, there is the header information. Then there is the body of the message. Lastly, there are possible attachments, which can come in many different forms. These three elements are important to understand. The following figure illustrates the standard format of an email.
In a typical email, the user will not see all the data that is available, and instead will only see the following basic information:
• Names of the “To recipients”
• Names of the “CC recipients”
• Subject line
• Date and time of the message
This email claims to be from Netflix, however by looking at the header information we are given clues as to whom the message is actually from.
‘FROM’ AND ‘TO’ FIELDS
The information that is of interest is the "From" line, which we can see is not from a legitimate Netflix sender.
The "Reply-To" field is normally filled in with the email address for replying to the message, however again in the example above it is blank. If you receive an email address with the "Reply-To' field blank and you click the "Reply" button, your email client will generate an email with a blank "To' field. This shows that something is amiss with the email as it forces the recipient to either:
•Click on one of the embedded links
Thus, in both cases the aim is to click on one of the links, which often leads to asking the recipient to give up information such as credit card details in order to acquire the free Netflix account. In reality hackers will then use this information for fraudulent activity (read more on our anti-phishing blog here).