It’s getting harder and harder these days to tell which emails are legitimate and which ones are not. Being able to tell the difference is key to preventing your computer and accounts from being hacked. Phishing emails are particularly dangerous since they seek account logins to access your personal information. We regularly receive forwarded emails from our customers asking for advice on whether a particular message is legitimate, so we’ve seen them all. Here’s how to identify and avoid phishing emails.

1 – Consider the Source

The first thing you should always do is consider the source of an email. Should the sender have your email address to begin with? For example, if you receive an email from a credit card company or bank but do not have an account with them, then it’s unlikely that the email is real. The same goes for delivery companies, the federal government, etc. Think first how that sender would even have your email address. That’s typically the first sign that something isn’t quite right.

2 – Look for Red Flags

The easiest way to identify and avoid phishing emails is to spot the red flags. There are normally many of them within a single message. Here are some common ones:

  • Sender Mismatch
    The from email address does not match the company, i.e. the email is from XYZ company but the email address is or Better yet, sometimes an email is “from” you and sent “to” you. Obviously, you did not send yourself the message, so that’s a clear sign of spam.
  • No Signature with Identification
    There is no email signature with a clear company name or it says something very generic like “support team.”
  • Grammatical Errors
    If the wording is odd or doesn’t make sense, that’s a red flag. Many phishing emails come from overseas and their attempt to translate messages into English isn’t quite right.
  • Scare Tactics
    Scammers often use scare tactics, such as warning that if you don’t click on a link and re-authorize your account within x number of days, your account will be deleted. Some even go to ridiculous levels, threatening legal action or pursuit of criminal charges.
  • Unusual Links
    Did you know that you put your cursor over a link in an email (without clicking anything), the actual url link will display either in a small popup next to your cursor or at the bottom of the email window? If the link does not match the company’s website, that’s another red flag. For example, if the email is supposedly from Company XYZ but the link goes to some odd url, it’s probably not legitimate.

3 – Follow Best Practices

Even if you look for the red flags listed above, you still might not realize that an email is a phishing attempt. The best way to protect yourself is to adopt some best practices.

  1. identify and avoid phishing emailsAvoid Clicking Links in Emails
    Instead of clicking links, you can go directly to the company’s website. So, if an alert is emailed from your bank, go directly to that bank’s website. You’ve probably been there many times and do not need to use any specific link emailed to you.
  2. Check With the Source
    Sometimes an email comes from someone you know because their computer contracted a virus and sent out a bunch of malicious messages with either a link or attachment. This is how computer viruses are spread to begin with. We’ve even seen some of these come through social media direct messages. Before clicking links or opening attachments, try checking with the sender first.
  3. Avoid Opening Attachments
    Executable or zip files are a very common source of viruses. It’s best not to open them at all unless you know for certain what the attachment is and you were expecting to receive it.
  4. Empty Email Trash 
    Deleting phishing emails from your inbox may simply place them in a separate trash folder. To be safe, you should delete these types of messages entirely by emptying your trash bin.

Summary of How to Identify and Avoid Phishing Emails

The best way to identify and avoid phishing emails is to be aware of the danger, know what red flags to look for, and adopt best practices to protect yourself from all types of email scams. Usually, your instincts will tell you that something doesn’t seem right. It’s always better to be overly cautious when it comes to the security of your information. We hope that these tips will help you avoid falling victim to a phishing scam. Stay alert and stay safe!