8 Tips for Detecting a Phishing Email

By: | Category: IT / Infrastructure

As email phishing tactics continue to increase in sophistication, fraudulent emails are looking more and more legitimate making it difficult for the average user to tell whether an email message is fraudulent or real. In this post we offer tips to help protect yourself against cybercriminals who may claim to be a business or person you recognize in order to scam you into releasing private information and/or funds.


1. The “From” Email Address Doesn’t Look Right

You might recognize the first part of the email address but pay attention to the tail end after the “@” symbol, as it might be off by a letter or may include a number in the usual domain.

2. Requests for Personal Information

Most legitimate businesses have a policy that they do not ask you for your personal information through email. Be very suspicious of a message that asks for personal information even if it might look legitimate.

3. Asking to Send Money to Cover Expenses

Sooner or later, phishing artists will likely ask for money to cover expenses, taxes, fees, or something similar. If that happens, you can bet that it’s a scam.

4. Check All URLs and Links Carefully

Place your mouse over the links and see if the destination matches where the email implies you will be taken. Any webpage where you enter personal information should have a URL with https://. The “s” stands for secure.

5. Overly Generic Content and Greetings

Watch out for general greetings like “Dear Customer.” Cyber criminals will send emails in bulk, so non-personal greetings can be a red flag.

6. Poor Spelling and Grammar

Notice misspellings, incorrect grammar, and odd phrasing. This might be a deliberate attempt to try to bypass spam filters.

7. Pay Attention to Suspicious Attachments

Alarm bells should be ringing if you receive an email from a company out of the blue that contains an attachment, especially if it relates to something unexpected.

8. Look for Urgent Wording or Demanding Actions

To increase the number of responses, people try to create a sense of urgency so that you immediately respond without thinking. Examples include “You’ve won! Click here to redeem prize,” or “We have your browser history pay now or we are telling your boss.”

All it takes is one untrained employee being fooled by cybercriminals that will steal critical data or request a fraudulent payment that can crumble a business. It’s crucial that employees are trained and educated on the most common phishing email red flags in order to help businesses avoid major cyber security pitfalls. Contact us to learn more.