Back to Kora Blog
Merchant Security Awareness

Would you survive email spoofing? Find out

July 28, 2023
July 28, 2023
3 min read
Astor George
Astor George
Brand Storyteller

Editor's note:

Let’s try something a little different today. 

In our mission to spread knowledge about data security and privacy, we’ve discussed what email spoofing is and how to spot a spoofed email so you don’t fall victim to scammers trying to steal money or important information from you. So we figured we’d put your knowledge to the test. 

Here’s how it works. 

We’ll present you with a spoofed email, and you’re going to see if you can spot all the ways to tell that the email is spoofed. We’ll give you the answers at the end of this, but we want you to try first. 

Let’s go.



To: Undisclosed recipients

Dear customer

There has been an unusual activity detected on your account which has caused us to freeze it. To avoid losing your money FOREVER, click the link below and fill in your username, password, and 2FA authentication. Do this NOW to avoid BLOCKAGE of your account

Click here to save your

Thank you for trusting korra with your money.

Bless up. 

Here are all the ways to know that this email is spoofed:

  • Illegitimate Sender’s Address: That is not Kora’s email address. You can tell because it has the words “customercare” in it as one word, says “korra” instead of "Kora" and ends with “.ng”.

  • Generic Greeting: The email starts with a generic "Dear customer," which is a red flag since legitimate fintechs usually address their customers by their full names.

  • Urgency and Fear Tactics: The email uses fear tactics by stating "URGENT VERIFICATION REQUIRED!!!!" and "avoid losing your money FOREVER" to pressure the recipient into taking immediate action without thinking.

  • Poor Grammar: "There has been an unusual activity” “Do this NOW to avoid BLOCKAGE of your account”. Poor grammar and spelling mistakes are indeed common indicators of a spoofed email.

  • Undisclosed Recipients: A legitimate fintech would never send an email to undisclosed recipients. It would address the email directly to the account holder.

  • Unusual Activity Claim: The email claims there has been "unusual activity" on the account, but it doesn't provide any specific details about the activity, which is suspicious.

  • Request for Sensitive Information: The email asks the recipient to click on a link and provide sensitive information like "username, password, and 2FA authentication number." Legitimate fintechs never ask for this kind of information via email.

  • Unverified Link: The "Click here to save your" link is not from Kora's official domain. Clicking on this link could lead to a phishing website designed to steal the recipient's login credentials.

  • Unprofessional Closing: The email ends with "Bless up," which is unprofessional and uncommon in official communications from a fintech.

It's important to remember that cybercriminals constantly develop new and sophisticated ways to deceive people. But with awareness and a proactive approach, we can protect ourselves and our businesses from the damaging effects of email spoofing. Stay alert, stay informed, and stay safe.

At Kora, our mission is to connect Africa to the world and connect the world to Africa via payments. For startups and businesses accepting money in and from Africa, we provide All The Support You Need™️ to start, scale and thrive on the continent. Visit to see all the ways you can grow with Kora.