How to identify phishing emails

Phishing emails are fraudulent messages designed to trick recipients into revealing personal information such as passwords, credit card numbers, or other sensitive data. These emails often appear to come from legitimate sources, such as banks, online services, or well-known companies, but are actually sent by cybercriminals. In this article, we will explore how to spot phishing emails, share practical tips to avoid becoming a victim, and provide steps to take if you suspect an email is a phishing attempt.

Key characteristics of email phishing

• Suspicious sender addresses: the sender’s email address may look similar to a legitimate one but often contains slight misspellings or unusual domain names

• Generic greetings and language: phishing emails often use generic greetings such as "Dear Customer" instead of addressing the recipient by name, and the language may be vague or overly formal

• Urgent or threatening language: these emails often create a sense of urgency or fear, claiming that immediate action is required to avoid negative consequences, such as account suspension or unauthorized access

• Suspicious attachments or links: phishing emails may contain attachments that contain malware or links that direct the recipient to fake websites designed to steal personal information

• Poor grammar and spelling mistakes: many phishing emails contain noticeable grammar and spelling errors, which can be a red flag that the email is not from a legitimate source

• Inconsistent branding: logos, colors, and other branding elements in phishing emails may not match those of the legitimate company they are trying to impersonate

• Unusual requests for personal information: legitimate companies rarely ask for sensitive information such as passwords or credit card numbers over email

How to identify a phishing email: 9 ways

1. It’s sent from a public or free email domain. A significant majority of phishing emails are sent from free mail services. As a rule, employees of legitimate companies do not use free email services for official communications. Authentic emails from banks, technology companies, and other institutions come from the organization's official domain. If the sender's email address isn't completely visible, you can click the “From” name to see the full email address and verify whether it is legitimate or from a suspicious source. For example, if all you see is “amazon@”, check the full email address to make sure it is not a free email domain such as “amazon@gmail.com”.

2. The “From” name and email domain don’t match. Email providers allow users to customize the name that appears in the "From" field of their emails. While most legitimate users enter their real names, scammers take advantage of this feature to impersonate individuals and organizations. It is important to note that a mismatch between the sender's name and the email address is a strong indicator of a phishing attempt. You can click the name to see the actual sender details, which can help you identify potential scams. For example, you received a suspicious email from your colleague “John Smith”, so you decided to check the “From” section and you found out that the email came from “jack-leo@gmail.com”. It is unlikely that your colleague's email address would have a different name.

3. The sender has spoofed a company’s domain name. “Spoofing” happens when scammers create deceptive versions of names or domains that closely resemble those of trusted companies to make their messages appear authentic. It's important to verify the domain of any sensitive email and be aware of any security warnings or requests to reset account passwords.

4. A notification “There’s an issue with your account” or “Suspicious activity detected” (depends on your email provider). Scammers often use technical support and email security scams as common social engineering tactics in emails, text messages, phone calls, and social media direct messages (DMs). They send emails with subject lines that suggest you could lose money or access to your account if you don't act quickly and click the provided link. If you suspect that your account has been compromised, it's best to log in directly to the company's official website or mobile app to verify the authenticity of the alert.

5. Suspicious links or attachments in the email. Almost all phishing emails contain either a link to a fraudulent website or a phone number to call. Phishing links can take you to a fake login page to steal your username and password, take you to a fake payment screen that captures your financial information, or infect your device with malware such as ransomware, spyware, or other malicious software. Before you click a link, hover over the button or text (or long-press on a mobile device) to check the URL destination. If the link doesn't take you to the website you expected, it's probably an email phishing.

6. There is a bill you don’t recognize. If you receive a bill for a purchase you don't remember, don't click any links or call the customer service number provided. Check your bank statements directly through your mobile banking app or the bank's official website to confirm that the charge was legitimate. If there is no such charge, this confirms that the bill is indeed a scam.

7. The blackmail. Scammers may try to intimidate you by claiming to have compromising videos or evidence of wrongdoing and threatening to release it unless you send them money. Scammers distribute millions of these messages, targeting people who may respond impulsively out of guilt. The majority of recipients can safely ignore these emails and block the sender.

8. They ask to provide personal or sensitive information. Legitimate organizations will not request or verify personal or sensitive information through email (or by clicking links in unsolicited messages). If someone claiming to be from a known organization asks for information via unsecured email, it may be a phishing scam. Never send sensitive information such as credit card numbers, bank account information, or Social Security numbers (SSNs) via email. If such information is requested, contact the organization directly by phone to verify the request.

9. There are spelling and grammatical errors. Grammar and spelling mistakes (for example, “Respected sir/madame” instead of “Dear [name]” or “Your account has been temporary suspend” instead of “Your account has been temporarily suspended”) are red flags because reputable organizations spend a lot of time and effort reviewing their communications before they go out. It's unlikely that a responsible company would send out an email riddled with spelling and grammatical errors.

What to do if you think an email is phishing

1. Avoid clicking links or downloading attachments in suspicious emails. While it is generally safe to open a phishing email, clicking links or downloading attachments could expose your device to malware or give hackers access to your personal information.

2. Check URLs before entering passwords or sensitive information. Instead of clicking links, manually type the full URL into your web browser to make sure you are visiting the correct website and not a spoofed version.

3. Delete the email and block the sender. Once you've reported the phishing attempt, delete the email from your inbox. Blocking the sender will prevent future phishing emails from the same address.

4. Scan your device with a reputable anti malware tool. Perform a thorough scan to detect any signs of unauthorized activity or malware on your device. Make sure the antimalware program is from a trusted commercial vendor.

5. Change your passwords to stronger, more complex ones. Stronger passwords make it harder for scammers to compromise your accounts. A password manager can help generate and securely store unique passwords for each account.

6. Enable two-factor authentication (2FA) for your accounts. This additional layer of security helps prevent unauthorized access even if your password is compromised.

How to protect yourself from phishing attacks

Scammers are constantly improving their tactics to bypass spam filters and deceive people with fraudulent emails. Modern phishing attempts often mimic real communications to instill fear and lead to mistakes in handling sensitive data security.

There are several things you can do to avoid falling victim to a phishing email:

• Install anti-virus software to scan email attachments. Use antivirus tools on your devices to scan attachments before opening them. If suspicious attachments are inadvertently opened, the software can alert you and mitigate potential malware threats

• Update your email provider's spam filters. Adjust settings to improve detection of phishing emails and automatically redirect them to your Junk folder for added security

• Avoid rushing to respond to suspicious emails. Phishing messages typically create a sense of urgency. If an email makes you feel anxious or uncomfortable, take the time to examine it for signs of fraud.

Final thoughts

Phishing emails are becoming increasingly sophisticated, making them harder to recognize. However, there are still clear indicators that an email is a phishing attempt. This article discusses some of the most common signs of phishing emails to look for. If you're ever unsure about an email you've received, it's better to err on the side of caution and avoid clicking any links or sharing personal information.