Tips & Insights

Don't Get Scammed: How To Spot A Phishing Email

I'm sure that, like me, you regularly receive phishing emails. In this article I want to share a few things that help me to spot those phishing emails so I can stay safe online. Often you will see phishing emails in different forms. Some will be sent in bulk, while others individually. Regardless of the method of exposure, all phishing techniques have a very similar goal, and that is to trick users into clicking on malicious links, giving up their username and password or installing malware onto their PC's.

Bad grammar, spelling and punctuation

If a message is poorly written and the grammar is wrong, it's a good sign that it's fake.

Phishing emails also often have poor formatting. For example, they may be formatted like a normal letter but have random words in all caps or odd symbols such as & or % at the end of sentences instead of periods.

They may use different words than you would expect, such as "Dear Valued Customer" instead of "Dear Customer," or capitalizing random words in sentences like "Dear Valued Customer."

Phishing emails can also be identified by their overly personal tone. If a message starts with "Hi," or ends with "Sincerely," it's probably not from your bank or another organization with which you have an account.

Weird sender's email address

If the sender's email address looks odd or out of place, it may be a sign that the message is fake. For example, if you receive an email from Apple, it will usually come from an @apple.com email address. If you receive an email from Amazon, it'll come from an @amazon.com address. If you receive an email that says it's from Bank of America, but the sender's address is something like "bankofamerica@yahoo.com" or "bankofamerica@hotmail.com", that's a good sign it could be a phishing scam.

It is possible, however, for scammers to spoof email addresses to show as sent from legitimate domains, so don't only rely on the sender address. If you want to see if the address is spoofed in Gmail, click on the three dots at the top right of the email, and click on 'Show Original'. The page will show a lot of technical information, but you can ignore most of this. Scroll down to where you can see 'Received:' and confirm the domain is the same as the email.

A sense of urgency

They may claim to be from your bank or credit card company, and tell you that they have a problem with your account that needs to be fixed immediately. The email might also tell you that you need to update your password or give them some other personal information right away. They may claim that your account is under threat, or that you need to take action to protect yourself.

Asking you to click on a link to sign in or provide personal info

This is how they trick people into handing over login credentials for their bank accounts, social media accounts and other sensitive information.

This link usually takes you to a fake website that's designed to look just like the real thing, where you can enter your username, password, PIN and other data.

This is especially true if they claim they need this information because of security issues with their system. Your bank or credit union will never ask you for this type of information by email.

Unexpected attachments

Phishing emails often contain unexpected or unusual attachments. This is because the phisher is attempting to trick you into opening an attachment that contains malware and infects your computer. A legitimate email wouldn't expect you to open an attachment without more information about what it is and why it's being sent.

Hover over links to see where it's actually directing you

Most phishing scams will have URLs that redirect you to another site where you'll be asked for your personal information. If you're on a desktop computer, hover over the link and check where it's taking you before clicking on it. If it's a link from an email with a subject line like "Your account has been suspended," double-check by looking at the URL in the address bar of your browser (it should be https://www instead of http://). If it's not a secure site, don't click on anything.

Phishing emails can be sneaky and hard to spot, but if you know what you should look for, avoiding them can be easy. So, the next time you get a new email, be sure to check it thoroughly using these tips. If you think it's likely a phishing email, don't open it at all and go directly to your email provider's website, or call them to confirm that they sent the email. In general, if you have to question whether an email is legitimate, don't open the attachment or click any links in it!

Take your team's management to the next level with email statistics

With Email Meter, companies understand how work happens and keep their teams productive without constant check-ins

Get visibility on your team's productivity
Get a clear picture of how work happens to analyze complex email workflows in an easy-to-use dashboard.
Start a free 14-day trial
Powering email analysis at