How to Spot a Phishing Email

Phishing emails are a huge burden for many businesses. Fortunately, many phishing emails are blocked by your email server before you receive them, but ones that get through can cause havoc to your computer or, in a worst-case scenario, your bank balance.

If you receive an unsolicited message, and you’re not sure if it is genuine, follow the tips below to to learn how to spot a phishing email.


1. Check the From Address

The first thing you need to do is check the authenticity of the sender’s email address. If the address does not contain the domain that is owned by the organization, e.g. “[email protected]” instead of “[email protected]”, it is most definitely a scam. Unless you are 100% certain that the email address is genuine, do not click on any links or give out any information.


Phishing email subject line

2. The Subject Line and Content Looks Off

The subject line is one of the first things you’ll see, and you can immediately notice if something isn’t right. An email with a subject line similar to “Important_Message_For_You! ~~ Respond Now!!” is instantly recognizable as a scam.

You can also spot a scam email if the formatting is messy or the branding isn’t in line with the apparent sender. Don’t be fooled by emails with a design identical to a legitimate one.


3. Personal Information Request

One of the top scam emails ask recipients to “verify” their information, such as their home address, telephone number, a password or bank details. This is almost inevitably a scam, and you should be very wary of any email that asks for this type of information. Companies you have dealt with in the past will very rarely ask you to verify information that they already know. If you are unsure, contact the company directly to check it is legitimate.


4. Common Scam Phrases

Often scammers will use scare tactics or enticing offers to trick the recipient into sharing personal information. “Do you want a £500 voucher? Click here now to claim it!” or “Fraudulent activities on your account” are common examples of phrases scammers use.

These types of emails link to a genuine-looking website with a form that asks for your personal information, such as your home address or bank card details. If you enter sensitive information on a phishing site, your details could be sold on, or money could be stolen from your bank account.


5. Hyperlink URL is Different to the One Displayed

If you are viewing an email on a PC or Mac, hover your mouse over the links (without clicking) to check the real address in the pop-up window. In the example below, the URL looks like it goes to PayPal when it is actually a disguise and links to a phishing site. Unfortunately you cannot do this on a mobile device, so wait until you can view the email on a desktop.


phishing scam link

6. Strange Attachments

Be careful of any emails you receive with attachments that aren’t from a familiar email address. Unless you are certain you know the sender, or have requested a document to be sent to you, do not open any attachments as they may be malware.


7. Bad Grammar and Spelling

One of the easiest ways to spot a phishing email is if the message is full of spelling and grammatical errors. Legitimate emails sent by organizations are often proofread by numerous people and very rarely have any mistakes in the message. If you spot an obvious error, treat the email as suspicious and don’t interact with it in any way.


Phishing email - Bad spelling

What to Do if You Receive a Phishing Email

Be suspicious of any unsolicited email you receive from someone you do not recognize. Scammers are often very clever at disguising a phishing scam as a legitimate email from a reputable organization. Therefore, if you feel that something isn’t quite right with an email, you’ll almost always be right.

If you believe you have received a phishing email from someone claiming to be a specific organization, forward the email on to customer services so that organization is aware and can take action by warning other customers.

You can also report phishing scams to your email provider, who will take steps to identify the scammers and block future emails from them. Furthermore, Microsoft and Google have also written articles on how to report suspicious emails you receive.

If you’re concerned any of your online or email accounts have been hacked, change your password straight away. For extra security, download antivirus protection to ensure your computer isn’t affected by malicious scam emails. Unfortunately, this won’t protect against all phishing emails. However, using common sense and vigilance will help to protect you from scams.

How Exclaimer Can Help:

If you're looking for an easy way to design and manage professional email signatures across your whole organization, we're here to help. Find out more or start your free trial today!

Learn More   Start your Free Trial


© 2021 Exclaimer Limited

To provide you with the best possible user experience, this website uses cookies. If you continue to browse this site, you are agreeing to our use of cookies. To learn more about the cookies we use, please view our Privacy Policy.

To understand how Exclaimer complies with the Data Protection Act 2018 and GDPR, please visit our legal page here.