You can tell an email is phishing by looking for urgent language, generic greetings, spelling errors, suspicious links, unexpected attachments, and requests for sensitive information, such as passwords or financial details. Also, examine the sender's email address closely for inconsistencies and hover over links to ensure they lead to legitimate websites.
Key Red Flags to Look For
Suspicious Sender Address:
Check for misspellings or slight changes to a known sender's domain, like amazan.com instead of amazon.com.
Urgent or Threatening Language:
Phishing emails often try to create a sense of panic or urgency to pressure you into acting quickly without thinking.
Generic Greetings:
Legitimate companies will usually address you by your name, not a generic "Dear valued customer".
Poor Grammar and Spelling:
While some advanced phishers use AI to avoid this, many still contain noticeable errors.
Suspicious Links:
Hover your mouse over any links to see the true URL. If it doesn't match the expected website or looks unusual, it's likely a scam.
Unexpected Attachments:
Be cautious of unsolicited attachments, especially those with unusual file types, as they may contain malware.
Requests for Sensitive Information:
Never provide passwords, Social Security numbers, or full credit card details via email.
What to Do If You Suspect Phishing
Do not click on links or open attachments.
Do not reply to the email.
Report the email as spam or phishing to the helpdesk.
Verify independently any requests for sensitive information by contacting the company through a known, trusted website or phone number.