How to spot a phishing email?


Education and awareness are critical when it comes to identifying phishing email attacks. Although phishing messages can be highly deceptive and difficult to detect, there are various best practices that you should implement and indications you should look for to avoid falling for a phishing scam.

How to spot a phishing email

A phishing attack is a form of social engineering by which cyber criminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business or colleague. The email might ask you to confirm personal account information such as a password or prompt you to open a malicious attachment that infects your computer with a virus or malware. Phishing attackers use email or text messages to trick you into giving them your personal information like passwords, account numbers, logins or Social Security numbers to gain access to your email, bank, or other accounts.8 ways to spot a phishing email:

  • Check for spelling and grammatical errors which can indicate that an email is fraudulent or malicious. Also, keep an eye out for suspicious subject lines and signatures.
  • Scan all attachments for viruses or dangerous code.
  • Check if email sender is asking you to confirm or reply with some personal information. Legit companies don’t request your sensitive information via emailCheck if website & email address is real & genuine.
  • Verify shared links to ensure that they do not lead to fraudulent websites or malicious code.
  • If an email appears strange in any way, make a phone call to the sender to confirm the legitimacy of the email.
  • If you receive an email from a source you know but it seems suspicious, contact that source with a new email, rather than just hitting reply.
  • Think before you act! Take time to evaluate each email you receive before clicking on links or downloading attachments.
  • Make sure that you have a comprehensive, well-regarded business email security solution in place. Implementing an effective, multi-layered solution is the single best way to safeguard your email from advanced modern attacks.

Be Aware of Common Shortcomings in Anti-Phishing Defenses

40% of companies report that their email security falls short in protecting against phishing, and 13% have no system in place at all.

Also, if you’re ever uncertain about an email, a quick Google search of the sender, subject line and some of the contents will quickly show you if others have received the same suspicious phishing email.

Phishing Is Evolving

Are Your Current Email Defenses Falling Behind?

Get the Guide

Other FAQs