Phishing attacks have become one of the most common cyber threats today, with hackers continuously refining their techniques to exploit unsuspecting individuals and businesses. While these attacks can appear convincing, there are telltale signs that can help you identify and avoid falling victim to a phishing scam.
What is phishing?
Phishing is a cyberattack where scammers impersonate legitimate organizations or individuals to trick recipients into sharing sensitive information, such as login credentials, financial details, or other personal data. These attacks typically arrive as emails, but they can also occur through text messages or social media. The goal of phishing is to deceive you into believing the message is genuine, leading you to click on malicious links or download malware.
Read more: What is an email phishing attack?
Signs of a phishing email
Recently, Linus Sebastian, founder of Linus Tech Tips, revealed that a Twitter account was compromised by a phishing attack, allegedly because he clicked on an email link. After realizing what had happened, Sebastian tried to recover the account, but it was too late. “I like to think that I’m better than this... but they caught me at exactly the wrong moment,” said Sebastian.
But what signs did he miss?
Suspicious sender address
One of the first signs of a phishing attempt is an unusual or unfamiliar sender address. While the display name might seem legitimate (e.g., "Your Bank" or "Support Team"), the email address itself often contains random letters or numbers, or a domain that doesn’t match the organization it claims to represent.
What to look for:
- An email address that looks slightly off, like @support.amaz0n.com instead of @amazon.com.
- The domain may resemble a well-known one but with subtle differences, such as @company-support.com instead of @company.com.
Generic greetings and messages
Phishing emails are often mass-produced, so they tend to use vague greetings like “Dear Customer” or “Hello User” instead of addressing you by name. If the message claims to come from an institution that usually personalizes its communication, a generic greeting is a red flag.
What to look for:
- Phrases like "Dear Valued Customer" instead of your actual name.
- Impersonal language or incorrect grammar.
Urgent or threatening language
Many phishing attacks attempt to create a sense of urgency or fear to prompt immediate action. For instance, the email may claim that your account has been compromised, or that your payment is overdue, threatening account suspension or legal action if you don’t respond right away.
What to look for:
- Statements like “Your account will be locked in 24 hours unless you verify your information.”
- Overly urgent requests for sensitive information.
Requests for personal information
Legitimate companies rarely ask you to provide sensitive information (like passwords, Social Security numbers, or credit card details) via email. If an email asks you to share personal information directly or through a link, it’s likely a phishing attempt.
What to look for:
- Requests to "confirm" your account details, passwords, or credit card information.
- A link that directs you to a form asking for personal or financial details.
Suspicious links and attachments
Phishing emails often contain links or attachments designed to install malware or direct you to a fraudulent website. The goal is to harvest your login credentials or infect your device. Before clicking on any link, always hover over it to reveal the actual URL. If it doesn’t match the supposed source, avoid clicking it.
What to look for:
- Links that don't match the official domain of the company.
- Attachments with unfamiliar file extensions, especially executable files like .exe.
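The sender-address, link and attachment checks described above can be applied mechanically before a human ever reads the message. The following Python script is an added example, not code from the original article: it parses a raw email, compares the sender's domain and every link target against the domain the message claims to represent, flags links whose visible text names a different host than the one they point to, and flags attachments ending in .exe. The organization domain, the regex anchor matcher, and the sample message are all constructed for the demonstration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)  # crude anchor matcher

def belongs_to(host, expected):
    # True if host is the expected domain itself or one of its subdomains.
    host = (host or "").lower()
    return host == expected or host.endswith("." + expected)

def phishing_indicators(raw_message, expected_domain):
    # One finding per indicator: sender domain, link targets, link text, attachments.
    msg = message_from_string(raw_message)
    findings = []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not belongs_to(sender_domain, expected_domain):
        findings.append(f"sender domain '{sender_domain}' is not part of {expected_domain}")
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(".exe"):  # the extension the article names
            findings.append(f"attachment '{name}' has a risky extension")
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            for href, text in ANCHOR.findall(body):
                real, shown = urlparse(href).hostname, urlparse(text.strip()).hostname  # target vs. claimed
                if not belongs_to(real, expected_domain):
                    findings.append(f"link points to '{real}', outside {expected_domain}")
                if shown and real and shown != real:
                    findings.append(f"link text shows '{shown}' but points to '{real}'")
    return findings

# Constructed sample: lookalike sender/link domain and an executable behind a double extension.
SAMPLE = """\
From: "Amazon Support" <alerts@support.amaz0n.com>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p><a href="http://support.amaz0n.com/verify">https://www.amazon.com/verify</a></p>
--b1
Content-Type: application/octet-stream; name="invoice.pdf.exe"

--b1--
"""

for finding in phishing_indicators(SAMPLE, "amazon.com"):
    print("WARNING:", finding)
```

Run against the constructed sample, the script reports four warnings: the lookalike sender domain, the link target outside amazon.com, the mismatch between the link's visible text and its real destination, and the .exe attachment.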
Poor grammar and spelling
Many phishing emails originate from international scammers, and their messages may contain awkward phrasing, misspellings, or grammatical errors.
What to look for:
- Misspelled words, unusual phrases, or incorrect grammar.
- A message that reads as though it was translated by a machine.
Too-good-to-be-true offers
Phishing scammers often lure victims by promising something that seems too good to pass up. Whether it's an unexpected prize, a refund, or a lucrative job offer, be skeptical of any offer that seems out of the ordinary or too generous.
What to look for:
- Claims that you've won a contest you never entered.
- Offers of large sums of money for little effort or no clear reason.
How to protect yourself
Even though phishing emails can be sneaky, there are steps you can take to minimize your risk of falling for these attacks:
- Verify the sender: If you receive a suspicious email, contact the company directly through official channels (e.g., visiting their website or calling their support number). Avoid using the contact information provided in the suspicious email.
- Hover before clicking: Before clicking on any links, hover over them to check where they’re actually leading. A link that looks like it's from your bank might redirect to a completely different site.
- Don’t download suspicious attachments: If you're not expecting an attachment, don't download it. Even attachments that seem innocuous can carry malware.
- Enable two-factor authentication (2FA): Protect your online accounts by enabling 2FA, which requires an additional step beyond just entering a password. Even if scammers get your password, they won’t be able to access your account without the second authentication step.
- Use security software: Keep your computer’s security software up to date. Most security programs can scan emails for phishing content and help block threats.
- Report phishing attempts: If you suspect an email is a phishing attempt, report it. Many companies have dedicated teams for handling phishing reports, and your vigilance can help protect others.
Go deeper: Steps to protect against phishing attacks
FAQs
What should I do if I receive a phishing email?
- Don’t click on any links or download attachments.
- Report the email as phishing through your email provider.
- Contact the company directly through verified contact methods if you’re unsure of the email’s legitimacy.
- Delete the email from your inbox.
Why do phishing emails often contain grammatical errors?
Many phishing emails come from international sources where English is not the first language, or they are written quickly with little attention to detail. The errors can also be deliberate: they may help a message slip past spam filters and select for less vigilant recipients.
Can phishing emails harm my computer without clicking anything?
Simply opening an email generally won't harm your computer. The danger lies in clicking on malicious links or downloading attachments. However, some advanced attacks might include embedded malicious content, so always be cautious.