Woman looking at laptop with eyebrows furrowed

How to Identify Phishing Emails



You’ve heard of phishing, right?

No, not the kind that we’d rather be doing on a dock somewhere right now.

We’re talking about the kind that comes into your email inbox and asks you for your personal information so they can steal your money, identity, or both.

Way less fun.

But how can you tell if an email you receive is legitimate or if it’s a phishing email?


What are the signs of a phishing email?

Great question! We are glad you asked. There are a few signs you can watch for to determine if an email is a phishing email or not.

The email contains unexpected attachments

Does the email you received have attachments that are unusual or unexpected based on your past interactions with the sender?

That could be a sign that someone has spoofed an email address you’re familiar with and attached a file that may do harm to your computer, be used to log your keystrokes to gain access to your passwords, and more.

The URL is different when you hover over it

Ever notice that if you hover your mouse over a URL, a small box appears that shows you where that link leads? If you ever hover over a URL and it shows you a URL that is different or doesn’t make sense, that can be a sign of a phishing email.

They want you to take immediate action

Often, phishing emails will create a false sense of urgency in order to get you to act without doing your homework. They want you to act before you get the chance to question the legitimacy of the email.

They may suggest that there will be severe consequences if you don’t act within their given timeframe. And while it may seem challenging in the moment, those are the times when it’s most important to take your time and verify the request.

The email contains grammatical and spelling errors

Look, pobody’s nerfect. Even some legitimate emails may contain a mistake. But they are rare – and you shouldn’t see them pop up throughout the entirety of an email from your bank, the government, or your lawyer.

So, if you get an email riddled with errors, or where the language used is unusual, stop and take a second look.

The email looks different from other emails you have received from that sender

If you correspond with the sender fairly regularly, you probably know what a typical email from them looks like. If you get an email that looks very different – different fonts, styles, formats, etc. – pay close attention and take your time reviewing the email. Don’t open any attachments or click any links.

The email address doesn’t make sense

Get an email that claims to be from a brand name, but the email address has a domain name that doesn’t match the sender?

Also watch for more subtle errors in the text. For example, some scammers will create email addresses like support@amazorn.com and hope you don’t realize that the “m” at the end of Amazon is actually an “r” and an “n.”

The email claims to be from a brand name, but is sent from a public domain account

Big retailers, the government, and most businesses and nonprofits will have their own domain name for their email. Get an email with a public domain? For example, if you get an email that says it’s from Amazon, but the sender’s email address is amazonsupport@gmail.com? Big red flag.


What should I do if I get a suspicious email?

Did your eagle eye catch one of the red flags above? Your best course of action is to reach out to the individual or organization the phishing email is claiming to be – but be sure to use verifiable contact information, not the contact information they provide you in the suspicious email.

If you haven’t provided them with any information, you’ll want to delete the email. If it came through your work email, you should also report it to your business in case the email was sent to your coworkers as well.

Uh-oh. I think I already gave them information. Now what?

If you did mistakenly provide information to fraudsters, check your financial accounts for unusual activity, document it, and report it to your bank right away (in fact – report it to your bank even if you haven’t seen suspicious activity yet!). Your bank may also recommend additional steps to take to protect yourself.

If you provided your social security number, we recommend reaching out to the Social Security Administration and each of the three credit bureaus to place a credit freeze.


Learn more about protecting yourself from identity theft at our cybersecurity blog here.