Skip to content

5 Tips for Spotting Phishing Emails

Posted July 22, 2020

What’s a phishing email?

Scammers are always devising new ways to trick individuals into divulging their sensitive information. One of the most common online threats is the phishing email – a form of social engineering in which cyber shysters (say that five times as fast as you can) hope to trick unsuspecting parties by creating and sending fake emails that seem to be from authentic sources, such as a manager, coworker, or family member. These communications may ask you to verify personal account details or prompt you to open an attachment that contains a malicious virus or malware.

woman typing on laptopHow to identify a phishing email

You’ve received an email asking you to confirm personal information.

While it may look legitimate, it’s incredibly unlikely that your bank or manager is going to ask you to do this via email. Modern scammers spend quite a bit of time ensuring that their emails look authentic, but when you receive a request that you wouldn’t usually expect, it can be a big red flag that the email isn’t from a trusted source.

Does the email ask for your login credentials or banking information? Do not trust it! It is better to contact the sender directly by phone to confirm their correspondence rather than clicking any links or replying. We also suggest that you do not use any communication methods given in the email in question.

The web or email address looks a little off.

While scammers will use emails or website URLs that look very similar to ones you’re familiar with, if you know what to look for, it’s easy to spot the inconsistencies. Take a bit of time to examine the details of the email or website URL and you’re likely to find that it’s a fake variation. For example, you might receive a phishing email from as opposed to

Additionally, you may also find malicious links hidden within the body of the email. Remember to always hover over the link and inspect the link preview before clicking on it.

The email is poorly written.

Any time an email is sent out by a large company, it’s reviewed for legality, grammar, and spelling, among other things. Moreover, if you receive an email from your manager or coworker and it is not consistent with their writing style, you can safely assume that it did not actually come from who it’s claiming it came from. Remember, you can always reach out to the person or organization by phone and confirm the correspondence!

The email wants you to panic.

Have you received a weird email saying your account has been compromised? Is it asking you to take immediate action or face consequences? Intimidation is a commonly-used tactic to scare people into giving up their private information. Take a step back and think: Is the email asking you to do something reasonable? Are you taking the first three tips into consideration? If you’re just not sure, we advise contacting the company through an alternative method.

There’s a strange attachment.

It’s a huge red flag to receive a random or unexpected email from an organization that contains an attachment. You should never open these attachments without first scanning it with an antivirus software, as it could contain a malicious trojan or install a virus on your computer or network. When in doubt, don’t open it!

letters spelling out "don't panic"Did you accidentally respond to a phishing email?

If it’s possible that a scammer has your sensitive information, such as your credit card number, social security number, or bank account details, you should go to and follow their instructions based on the information that has been compromised. We also suggest contacting us directly if you think the scammer has access to your email.

If you accidentally opened an attachment or clicked a link, contact your IT Department. If this happened on your personal computer, update your computer’s security software and run a scan.

Report the phishing attempt

It’s important to report any and all phishing emails or texts to help in the fight against cyber criminals. You can forward all phishing emails to (the Anti-Phishing Working Group). If you received a phishing text, you can forward it to 7726 (SPAM).

You should also report all phishing attacks to the Federal Trade Commission (FTC) at

Stay Up to Date

Subscribe to our spam free newsletter for all our latest updates and resources delivered to your inbox. Unsubscribe anytime.