How to recognize a phishing email? Here are 8 signs
Aug 05, 2020
Phishing is among the most prominent cyber threats today. The reason is simple: phishing is cheap to execute but offers unlimited potential when it's successful. Billions of people receive scam emails regularly. Luckily, spam filters catch most of them, and those that get through can often be recognized for what they are. But all it takes is one thoughtless click to tear down years of cybersecurity efforts.
To help you protect yourself from phishing, here are the most common signs that will help you recognize phishing attempts.
1. Lots of mistakes
While there are many types of phishing emails, most scams are designed for quick execution. Create, send, repeat. Scammers are going for the lowest-hanging fruit and won’t waste time crafting the perfect message. Whatever mistake-riddled text automatic translators spit out is good enough. Remember, phishing is cheap: even a measly success rate puts scammers in the black.
But while mistakes are a good indicator that an email might be a phishing attempt, a grammatically perfect message does not mean it isn't one. More and more scams today are perfect copies of legitimate company emails, down to the logos and footer links.
2. Urgency or special conditions
Urgency is a technique used a lot on the internet. Ticking timers, limited copies, last chances: you’ve seen them all. Since it works so well (why else would marketers use it?), scammers use it too. Unfortunately, pushing strangers into action is not that hard when all you’re asking for is one click.
But urgency alone is not enough to persuade someone over an email. That’s why it's often used in combination with other techniques, such as scarcity, giveaways, and threats.
3. Requests for money or sensitive information
One great thing about scammers is that they’re always in a rush. Unlike brands that work on getting to know you, scammers don’t have the luxury of time. Every message has a specific purpose and every ending has a request for action.
Here's a list of the most common requests:
- Add account information
- Sign in to an account
- Check account activity
- Pay an outstanding invoice
- Check attached invoice
How can you tell scams from legitimate emails about late payments or missing account information? Our best advice here is to consider the source before you take any action. Are you supposed to get an invoice? Did you make any changes to your account? And if you need to log in, type in the address directly instead of clicking on the link in the email.
4. Sender’s email address does not belong to the company
We rarely look at the sender’s address, especially if the email is from a brand we recognize. That's why scammers often use blatantly fake email addresses and get away with it.
If the email is asking you to complete an action, always double-check the sender. Unfortunately, scammers constantly come up with ways to work around their biggest flaw, which is that they don't own the brand's domain.
You'll notice that there are a few ways in which scammers attempt to trick recipients. Here are some common examples:
- [email protected]
Since they can’t use @netflix.com, scammers put the brand name in the part before the @, which anyone can choose freely on a mail server they control, and hope that you won’t notice the rest.
- [email protected]
You will also often see email addresses where the brand name is joined with a dash to a department, like sales, PR, or finance. These are tricky to catch if you don’t know how domain names work: a domain that merely contains the brand name next to a dash is a completely separate domain that anyone can register.
- [email protected]
Just as tricky as the one above, this format uses a full stop instead of a dash. Remember: the ending of the domain is key. Only the last part, the registered name plus its top-level domain, tells you who owns the address; everything to the left of it is a subdomain that the owner of that ending can name however they like, brand name included. If the ending is not netflix.com or amazon.com, be careful.
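The three tricks above all rely on the reader checking whether the brand name appears somewhere in the address rather than which domain the address actually ends in. The following is an added example, not code from the original article, that puts a naive "is the brand name in there?" check beside the check the text recommends: take the address out of the From: header (ignoring any display name), keep only the registrable domain, and compare it to an allowlist of domains the brand really owns. The allowlist, the sample headers and the reserved example domains are all constructed for illustration and are assumptions, not addresses seen in real campaigns.

```python
"""Sender-domain check: brand-name-anywhere (weak) vs registrable domain (strict).

Added example for illustration; not part of the original article.
All headers and domains below are constructed and use reserved example names.
"""
from email.utils import parseaddr

# Assumed allowlist of domains the brand actually owns (assumption for the example).
TRUSTED_DOMAINS = {"netflix.com", "amazon.com"}


def registrable_domain(host: str) -> str:
    """Return the last two labels of a host name, e.g. mailer.netflix.com -> netflix.com.

    Simplification: real tooling should consult the Public Suffix List so that
    endings such as co.uk or com.au are handled; two labels is enough here.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def sender_domain(from_header: str) -> str:
    """Extract the domain of the real address, ignoring the display name.

    'Netflix Support <x@y.example>' -> 'y.example'. The display name is free text
    and proves nothing, so it is discarded before any comparison.
    """
    _display_name, addr = parseaddr(from_header)
    if "@" not in addr:
        return ""
    return addr.rsplit("@", 1)[1]


def naive_check(from_header: str, brand: str) -> bool:
    """The mistake: accept the mail if the brand name appears anywhere in the header.

    Every trick described in the article (brand in the local part, brand-dash-department,
    brand-dot-department, brand as a subdomain) passes this check.
    """
    return brand.lower() in from_header.lower()


def strict_check(from_header: str) -> bool:
    """Accept only if the registrable domain of the sender address is on the allowlist.

    Subdomains of a trusted domain (mailer.netflix.com) pass; look-alikes do not.
    """
    return registrable_domain(sender_domain(from_header)) in TRUSTED_DOMAINS


# Constructed sample headers with the verdict a careful reader would reach.
SAMPLES = [
    ("Netflix <info@mailer.netflix.com>", True),            # legitimate subdomain
    ("netflix@account-update.example", False),              # brand in the local part
    ("billing@netflix-billing.example", False),             # brand joined with a dash
    ("billing@netflix.billing.example", False),             # brand joined with a full stop
    ("Netflix Support <support@netflix.com.example>", False),  # brand domain as a subdomain
    ("Netflix <netflix.com@example.net>", False),           # brand domain in the local part
]


def evaluate():
    """Run both checks over the samples: (header, naive verdict, strict verdict, expected)."""
    return [(h, naive_check(h, "netflix"), strict_check(h), expected) for h, expected in SAMPLES]


if __name__ == "__main__":
    for header, naive, strict, expected in evaluate():
        print(f"{header!r:55} naive={naive!s:5} strict={strict!s:5} expected={expected}")
```

Running it shows the naive check waving every one of the six headers through, while the strict check agrees with the expected verdict on each: the only address that survives is the one whose domain genuinely ends in netflix.com. The same logic applies to any brand; just change the allowlist.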
5. It’s too good to be true
What would you do if someone on the street randomly offered you $100? You would probably look around in search of hidden cameras and inspect the bill. Why else would somebody on the street offer you free money? Similarly, scammers know that free cash will get your attention. But they also know that the offer will appear suspicious unless it’s justified.
The most common techniques to eliminate suspicion are generosity and guilt. The former could be a lottery or a giveaway and go something like this:
“Congratulations! To celebrate [special occasion], we’re giving our customers a free $50 gift card. You’re one of the lucky winners."
Emails that use guilt explain a mistake which prevented the company from fulfilling their duty. Everyone at the company feels terrible about it, so they are sending you cash as a token of appreciation. It could be something similar to:
"We’re contacting you today to notify you about a mistake in our warehouse. We won’t be able to fulfill your order. As an apology, we’re offering you a full refund and a free $50 gift card. Click here to claim.”
Sounds believable enough, right? Cybercriminals often use Amazon in these scams — after all, who’s not waiting for a package from Amazon? But there's an easy way to tell if it's a phishing email. Scammers don't know what your order was, so they will beat around the bush without revealing which item they will not be able to deliver.
6. Threats and intimidation
Free offers don’t always work. When that’s the case, expect scammers to resort to threats and intimidation. These emails could simply be warning you that your data has been or will be deleted (maybe due to inactivity or by mistake), and that to prevent it you need to check your account.
Phishing emails can also get aggressive and accuse you of wrongdoing, usually something vague like using pirated material. You risk years behind bars. The scam may also suggest that they can keep the crime under wraps if you agree to pay.
These are powerful messages that work more often than you realize. We’ve evolved to act on impulse when we’re scared: it’s “fight or flight”, not “stop and wonder”. But try to remember that legitimate companies don’t communicate like that. They don’t notify you of a lawsuit by email, let alone demand payment to keep an alleged crime quiet. Ironically, that demand is itself a crime: it's extortion.
7. Government emails
Scammers can take it to another level and send emails pretending to be government agencies. Even though we all know that FBI agents don’t send inquiry emails to criminals, many people still fall for such phishing scams. Why are they so effective? There are two reasons.
First, few know the law well. No matter how much we love crime dramas, we rarely know what violating Section 185 of the California Penal Code means. And who can keep up with all the changes in federal, state, and local law?
Second, feelings of guilt and embarrassment are part of human nature. Let’s say you’ve done something bad. No matter how insignificant the incident, you often feel bad about it. Suddenly, the FBI contacts you. Not only do they know, but you’re also going to jail for it. Unsurprisingly, that's all it takes to scare people into action.
Here’s how to protect yourself from such scams: do not reply to emails claiming to come from government agencies, especially if they contacted you first, and do not use any phone number or link the email provides. Find the relevant department's contact details on its official website, call them, and find out what is going on.
What to do if you suspect phishing
After some practice, most phishing emails will be easy to recognize. But sometimes there won't be any obvious signs. Instead, you'll have a gut feeling that something is off.
Believe it or not, intuition is an important component of cybersecurity. It's hard to say why things stand out, but they do. Maybe it's muscle memory, the subconscious mind, or the sixth sense. Whatever it is, it will give you a signal before you even realize something's wrong. Listen to this feeling, and when you find something suspicious, inform your IT security team.
How to scan emails for phishing signs?
If you checked every email you receive carefully, you would catch nearly every phishing scam. But few of us have the time to comb through every email. So how do you recognize phishing emails without getting overwhelmed?
To find the answer quickly, scan the key elements: sender’s address, purpose of the email, and call to action. Who’s contacting you? Do they have a legitimate reason to send you a message? What do they want from you?
Also, just like fortune tellers, scammers use vague language to appear like they know more than they do. So if the email not only urges you to click or download but also includes blanket statements without any specifics, get ready to ring the alarm bells. Especially if they were the first to contact you.
Lastly, cybersecurity efforts are incomplete if they don't include company-wide education. It takes only one untrained employee to be fooled by a phishing attack and give away the data you’ve worked so hard to protect. Share these phishing signs with your employees and coworkers and help protect your company.
Elisa’s all about languages. She speaks five, loves stand-up comedy, and is writing her first novel. Besides her extensive knowledge of cybersecurity, she’s an expert in persuasion techniques hackers use and strives to teach people how to avoid online scams.