Phishing is a prime example of social engineering. Con artists have mastered the art of exploiting emotions of fear, guilt, curiosity, excitement, anger, and sadness. This is how unsuspecting internet surfers can lose a lot of money or expose their data to criminals.
As Abraham Lincoln once said, "You can fool some of the people all of the time, and all of the people some of the time. But you cannot fool all of the people all of the time." To avoid being tricked by email phishing, here are some red flags to spot.
Phishing email and what it does
Phishing is a manipulative technique designed to induce someone to divulge personal information or take a seemingly urgent action. Whatever form the email phishing scam takes, these are the results the criminal is after.
Hackers can approach crime in different ways. In the case of spear phishing, they spend time researching their target to find ways of establishing trust. This makes it easy for them to tempt the victim during the attack. In other cases, the phisher creates a few email templates that they mass-distribute.
Even a low conversion rate, where only a few take the bait, makes the whole operation worthwhile. By revealing sensitive data (like login credentials), a phishing email can enable the attacker to:
Access several of your accounts (bank, social media, etc.) linked to your email address
Obtain cash advances, open credit cards in your name or transfer money out of your bank account
Make unauthorized purchases
Find a list of your contacts and send phishing emails to them
Sell your data to other people for illicit purposes
Commit identity fraud
Ways to spot a phishing email
Let’s go through signs of a phishing email in more detail:
Who doesn’t like the sound of their name? Well, scam emails do the opposite, since they often open with generic greetings:
“Dear account holder”
“Dear valued member”
A legitimate company addresses its clients by their registered name through emails. In some cases, the attackers may not have any salutations and go straight to the point. This is common with promotion and ad-based scams.
In other situations, the phisher may have spelled your name wrong. It’s worth noting that, while rare, the hacker may address the victim by their real name. But, in most cases, since phishing emails are mass-distributed to thousands of random targets, an unfamiliar greeting is an easy-to-spot red flag.
Grammar and spelling errors
A classic phishing email attack is not complete without spelling errors. A reputable brand emailing its clients will ensure well-written, error-free communication.
In some cases, you may encounter the occasional phisher with a poor command of the English language.
However, the errors are not necessarily a weakness. Most scammers leave imperfect spelling in their message by design. Firstly, it’s one way some emails bypass spam filters and end up in the targets’ primary inbox.
Also, a less professionally-written email is somewhat relatable and simpler for a gullible person to understand. Scammers only need uninformed individuals to respond, not the smartest who will ignore their advances.
Inconsistencies in email addresses, links, and domain names
Another way to identify phishing emails is to look for mismatches between the sender’s address and the domain names linked to in the message. For embedded links, you can simply hover over the link to see the destination URL (without clicking on it).
For instance, if the email claims to be from Microsoft, but the link doesn’t lead to Microsoft, it spells trouble. Also, a scam email address will often contain numbers or special characters, whereas authentic corporations generally won’t have this.
If in doubt, you can always verify by searching online or contacting the real brand. For example, a ‘do not reply’ email from Amazon may read, “email@example.com.” On the other hand, the scam version might read, “firstname.lastname@example.org.”
A message asking you for odd things is another warning sign. This typically includes personal information like login and card credentials. In other cases, it is money. Regardless of the request, no organization will ask for sensitive data via email.
Suspicious files attached
Files attached to emails are a gateway for malicious software, which can wreak all kinds of havoc on your device, ranging from keyloggers to ransomware.
In other cases, where the attacker needs you to enter information, the attachment may be an HTML file that leads to a fake website. A genuine company will always advise you beforehand when including attachments in emails.
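The checks described in the two sections above (sender domain versus link domain, visible link text versus the real destination, impostor domains with digits or special characters, and risky attachment types) can be automated. The following Python script is an added example written for this article, not code from any product; the two messages it analyses are constructed samples using placeholder domains (examplebank.com as the "brand", examplebank-login1.net as the lookalike), and the registrable-domain logic is deliberately crude (last two labels), which is fine for a demonstration but not for production use.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample messages (not real mail). Domains are placeholders:
# the "brand" is examplebank.com, the lookalike is examplebank-login1.net.
PHISH_EML = b"""From: "Account Team" <security@examplebank-login1.net>
To: customer@example.com
Subject: Verify your account
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Dear valued member,</p>
<p>Please <a href="http://examplebank-login1.net/verify">https://www.examplebank.com/account</a> now.</p>
--b1
Content-Type: text/html; name="statement.html"
Content-Disposition: attachment; filename="statement.html"

<html><body>placeholder</body></html>
--b1--
"""
BENIGN_EML = b"""From: "Notices" <notices@examplebank.com>
To: customer@example.com
Subject: Your monthly statement is ready
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Hello Alex,</p>
<p>See <a href="https://www.examplebank.com/statements">https://www.examplebank.com/statements</a>.</p>
"""
# Attachment types that can run code or render a credential-harvesting page.
RISKY_EXTENSIONS = {"html", "htm", "exe", "js", "vbs", "scr", "iso", "lnk"}

class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registered_domain(host):
    """Crude registrable-domain extraction (last two labels); enough for a demo."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()

def domain_of(text):
    """Registrable domain of a URL or bare hostname; None if the text has no host."""
    candidate = text if "://" in text else "http://" + text
    host = urlparse(candidate).hostname
    return registered_domain(host) if host and "." in host else None

def looks_like_lookalike(domain):
    """Digits or hyphens in the main label: a common trait of impostor domains."""
    return re.search(r"[0-9-]", domain.split(".")[0]) is not None

def analyze(raw):
    """Return a list of (finding, detail) red flags for a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    sender = registered_domain(addr.rpartition("@")[2]) if "@" in addr else None
    if sender and looks_like_lookalike(sender):
        findings.append(("lookalike_sender", sender))
    for part in msg.walk():
        if part.get_content_disposition() == "attachment":
            name = part.get_filename() or ""
            ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
            if ext in RISKY_EXTENSIONS:
                findings.append(("risky_attachment", name))
            continue
        if part.get_content_type() != "text/html":
            continue
        collector = LinkCollector()
        collector.feed(part.get_content())
        for href, text in collector.links:
            href_dom, text_dom = domain_of(href), domain_of(text)
            # Visible URL text pointing at a different domain than the real href.
            if text_dom and href_dom and text_dom != href_dom:
                findings.append(("link_text_mismatch", f"{text} -> {href}"))
            if href_dom and sender and href_dom != sender:
                findings.append(("link_sender_mismatch", f"{href_dom} vs {sender}"))
            if href_dom and looks_like_lookalike(href_dom):
                findings.append(("lookalike_link", href_dom))
    return findings
```

Run `analyze(PHISH_EML)` and `analyze(BENIGN_EML)` to compare the two: the constructed phishing message is flagged for the text/href mismatch, the lookalike sender and link domains, and the HTML attachment, while the benign message produces no findings. Treat each finding as a signal rather than a verdict: legitimate newsletters routinely route links through a separate tracking domain, so a sender/link mismatch on its own is a reason to look closer, not proof of fraud.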
It doesn’t take much experience with email to tell when you have received ambiguous communication. Phishing emails tend to contain vague messages without sufficient explanation, like:
“We urgently require your details for a security and maintenance upgrade.”
“We need you to verify your account, so you can protect yourself from fraud threats.”
Of course, if the supposed organization sending this message is a familiar source, you can verify with them or even look online for past examples. Yet, in most cases, vagueness is a phisher’s trademark.
Request for payment info or debts
There are a few ways scammers can get payment details from unsuspecting victims. One is through the classic inheritance scam. Here, the message contains a generic tale of a wealthy deceased person, supposedly an unknown distant relative.
The email comes from a so-called ‘law firm’ that needs the target’s banking details to wire the money. The phisher sometimes asks the person to pay an ‘admin charge’ to receive the funds. Here, they would acquire this fee along with their card or banking details.
Scams involving debt collection have also been on the rise. Here, the scammer will pressure the reader to settle a ‘debt’ by transferring money under a false threat of jail time or publicly revealing the dues.
Request to verify or update account information
Like inheritance or money-related scams, ‘update account’ emails are the archetypal modus operandi for phishers.
These emails usually claim that the company in question is:
Updating customer information
Finding that the card on record is not working
Having a problem processing a payment
Seeing suspicious activity and has locked the account
Regardless, such scams look real since the message contains seemingly familiar logos, domain names, and typefaces. In many cases, this leads the target to a copycat website of the imitated organization.
Here, the phisher can access login credentials and other sensitive data they can use on the real site. Alternatively, the email may also have a dubious malware-infested attachment.
Call to action
Email phishing attacks aim to get the viewer to do something: the call to action. This comes with forceful or urgent language (often with a scare tactic), whether to claim a reward, settle a debt or restore an account.
Who doesn’t like a freebie? News of an unexpected reward, whether cash, a giveaway, or a gift voucher, is exciting for anyone. Sadly, it’s a trap designed to steal money from you.
The email requires you to click a link to claim the so-called prize, and the page behind it captures your card details. With this information, the phisher can siphon funds out of your account.
How to stop phishing emails?
Now that you know the signs, here are simple techniques to prevent email phishing.
Train your employees
An organization is only as good as its employees when it comes to safeguarding against scams. This requires workers to receive ongoing education on how to spot phishing and avoid being fooled.
Companies can teach these concepts in various ways, like through compliance training, infographics, and videos.
Use a phishing fire drill
As part of training, organizations can test their employees with a ‘fire drill’, i.e. a simulated phishing campaign. The key is to carry out this exercise constructively rather than singling out the insecurities of certain workers.
The point is to see how effectively employees spot phishing. Company leaders can run fire drills at least monthly, with extra training for those who didn’t pass the test.
Use two-factor authentication (2FA)
It’s worth noting that 2FA isn’t foolproof, especially when a weak second factor like SMS is used. However, it can be an excellent deterrent when done correctly and paired with proper safety education.
Don’t click on URLs with a suspicious domain
You should never click on dubious links or open attachments from unfamiliar domains. Always verify senders who have never contacted you before to make sure they are legitimate.
Suspicious links also hide in pop-ups, even on legitimate sites. This is common when your browser allows ads. You should not click on these either. An ad blocker can be beneficial in this case.
Only browse on secure sites
There are two ways to tell if a website is safe to view. Firstly, the URL must begin with ‘HTTPS’ (encrypted) instead of ‘HTTP’ (not encrypted). The other way is that a secure site has a closed lock next to the browser's address bar.
Of course, the lock is not closed for an insecure site. Spend time on such sites and you may soon start receiving phishing emails.
Use tools to protect against phishing
Nowadays, we have several applications designed to tackle phishing, ranging from advanced email security to prevention systems like firewalls. Another effective tool is dedicated anti-phishing software.
This software identifies phishing messages through spam filters, malicious URL detection, and other complex identification parameters.
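One of those "identification parameters" is content scoring: the message text is checked against the red flags this article lists (generic greeting, urgency, requests to verify credentials, payment or debt demands, prize claims) and quarantined when the combined score crosses a threshold. The script below is an added example written for this article, not the logic of any real filter; the rule weights and threshold are illustrative, and the sample messages are constructed from phrases quoted earlier on this page.

```python
import re

# Each rule: (name, weight, pattern). Weights are illustrative, not calibrated.
RULES = [
    ("generic_greeting", 2, re.compile(
        r"^\s*dear\s+(account\s+holder|valued\s+(member|customer)|customer|user)\b",
        re.I | re.M)),
    ("urgency", 2, re.compile(
        r"\b(urgent(ly)?|immediately|within\s+\d+\s+hours?|will\s+be\s+(suspended|locked|closed))\b",
        re.I)),
    ("credential_request", 3, re.compile(
        r"\b(verify|confirm|update)\s+(your\s+)?(account|password|card|login|details)\b",
        re.I)),
    ("payment_or_debt", 3, re.compile(
        r"\b(admin(istration)?\s+(fee|charge)|settle\s+(your|the)\s+debt|wire\s+(the\s+)?(money|funds))\b",
        re.I)),
    ("reward", 2, re.compile(
        r"\b(you\s+have\s+won|claim\s+your\s+(prize|reward|voucher)|gift\s+(card|voucher))\b",
        re.I)),
]

def score_message(subject: str, body: str):
    """Return (score, triggered rule names) for one message."""
    text = f"{subject}\n{body}"
    hits = [name for name, _, pat in RULES if pat.search(text)]
    score = sum(weight for name, weight, _ in RULES if name in hits)
    return score, hits

def classify(subject: str, body: str, threshold: int = 4):
    """Quarantine when the score reaches the threshold, otherwise deliver."""
    score, hits = score_message(subject, body)
    return ("quarantine" if score >= threshold else "deliver"), score, hits

# Constructed samples built from the phrases quoted earlier in this article.
SAMPLES = {
    "upgrade": ("Security notice",
                "Dear valued member,\nWe urgently require your details for a "
                "security and maintenance upgrade."),
    "verify": ("Action required",
               "Dear account holder,\nWe need you to verify your account, so you "
               "can protect yourself from fraud threats."),
    "inheritance": ("Estate of a distant relative",
                    "Dear user,\nTo wire the funds we first require a small "
                    "admin charge."),
    "benign": ("Tuesday notes",
               "Hi Alex,\nAttached are the meeting notes from Tuesday. Let me "
               "know if I missed anything."),
}

if __name__ == "__main__":
    for label, (subject, body) in SAMPLES.items():
        print(label, classify(subject, body))
```

Keyword rules like these are cheap and explainable, which is why they survive alongside machine-learning classifiers, but they are also why phishers deliberately misspell trigger words (as the spelling section above notes); a real filter layers them with sender reputation, URL analysis and attachment scanning rather than relying on text alone.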
Phishing incidents have become the most common cyber attack in the last few years. The need for strong phishing email prevention methods is greater than ever before.
Therefore, whether you’re a large corporation or an average person, it’s essential to stay cautious by understanding the signs of these scams. In doing so, you can stop them dead in their tracks.