How to Identify Phishing Emails: 7 Easy Ways to Spot a Scam
Cybersecurity experts share how you can weed out the bad actors.
Everyone's heard horror stories of fraud: the well-meaning grandmother who wires thousands of dollars to bail her "grandson" out of jail; the distracted tourist whose credit card is stolen from their back pocket on vacation; the Facebook user whose social media profile is hacked and begins selling designer sunglasses. These days, many of these cases take place online, often in the form of phishing emails, which is why it's important to stay vigilant when tending to your inbox. Keep reading to learn cybersecurity experts' best tips for how to identify phishing emails and protect yourself.
RELATED: What Does a Credit Card Skimmer Look Like? 7 Ways to Spot One.
What are phishing emails?
The name reveals a lot in this case: Phishing emails are used to gain something from you, often at your expense, explains Calum Baird, digital forensics and incident response consultant at Systal.
"This could include tricking you into divulging personal information to use for fraud, stealing money through a bank transfer or fake purchase page, stealing login credentials for both work and personal portals to carry out further cybercrime, or tricking you into downloading malware, which can have serious consequences for you and your work, potentially leading to ransomware incidents costing millions," says Baird.
The tricky thing about them is that they're engineered to look real. "They'll come from a genuine sender or company or make a genuine threat, like claiming to have infected your computer with spyware and to have embarrassing recordings," Baird explains.
And unfortunately, new technology means they're getting more sophisticated every day.
RELATED: What Is the Dark Web, and Is It Safe to Use?
What are the signs of a phishing email?
1. It's in your spam folder
This is the first thing that could tip you off—though just because an email is in your general inbox doesn't mean it's benign.
"Legitimate emails rarely end up in spam folders," says Motti Elloul, VP of incident response at the cybersecurity firm Perception Point.
When something lands there, it means it's failed one or more tests that verify the sender's authenticity and intent, and you should open with caution.
2. The email address looks off
Make sure to inspect email addresses carefully, especially when dealing with sensitive matters.
"Phishing involves using email addresses that contain suspicious elements to target victims, even sometimes spoofing a well-known site or brand," says Theo Zafirakos, cyber risk and information security expert at Fortra. "Be on the lookout for changed or added words or characters, as well as misspelled words within a domain name."
For example, bankofamerica.com and bankofamerlca.com can look quite similar at a glance, notes Maria Chamberlain, president at Acuity Total Solutions. However, spoofed emails can even have a company's exact URL and still be illegitimate.
"If you don't have a previous relationship with the company that you suspect might be spoofed, copy and paste the content of the email message into a search engine," recommends Chamberlain. "Common phishing attacks are usually reported and published on the internet."
If you do have a relationship, go straight to their website or app and conduct your business from there rather than through email.
3. The greeting is generic
Salutations like "Dear Customer" and "Hello Account Holder" should trigger alarm bells.
"Phishing emails target many people at once and implore the recipient to take immediate action, usually without a personalized opening line," says Zafirakos.
However, this rule isn't failproof, and you should pay attention to emails addressed via your name, too. "Spearphishing emails are more targeted, and people will often think if it is addressed to them specifically that it must be genuine," says Baird.
For these emails, the bad actor will research you to create a targeted phish. "For example, identifying your manager and spoofing an email from them asking you to transfer funds urgently," says Baird.
4. It's from a company you interact with often
Many phishing emails pretend to be from companies that actually email you frequently, like your bank, UPS, FedEx, or Amazon.
"The format of the email may not be consistent with previous emails from this company, like having missing logos," says Gary Huestis, licensed private investigator and owner of digital investigative firm Powerhouse Forensics. "Or, when you check the properties of the hyperlink, it shows a different domain."
5. It makes big promises
"Be skeptical: If it sounds too good to be true, it probably is," says Baird. Common messages include news of an unexpected inheritance or offering a gift card in exchange for completing a survey.
6. The email is seemingly urgent
"Phishing emails often urge people to act fast, putting time pressure on people to take action or scare them into adverse consequences," says Baird. This can cause people to react without thinking things through more rationally.
7. There are spelling and grammar mistakes
"If they can't spell, it smells phishy," says Chamberlain. "Phishing emails will often contain typos and mistakes."
RELATED: 5 Ways to Protect Your Facebook From Hackers.
How to protect yourself from phishing emails
Don't click unexpected links
"You may be redirected to a website or start a download that can compromise your data or infect your device," says Zafirakos. By not clicking, you prevent that from happening.
Don't open strange attachments
The same thing goes for attachments like photos and PDFs. "Suspicious attachments can be carriers of malware and ransomware payloads that can corrupt your data and harm your device," says Zafirakos.
Remember: Bad actors will make these attachments sound enticing, and your curiosity could get the best of you if you're not careful.
Use different email addresses
Having a few email addresses in a rotation that you use for different purposes could help tip you off to cybercriminals.
"For instance, you may have one email address for online subscriptions, another exclusively for banking and finances, and another for news and entertainment accounts," says Chamberlain. "If you receive a warning to your entertainment email that your bank account was hacked, you can be sure that it's a phishing email."
Use tech to your advantage
Many modern phishing attacks are so sophisticated it can be challenging to identify them on your own. "That makes it especially important to use advanced security tools to improve your chances of avoiding the threats posed by phishing attacks," says Elloul. Here are some options Elloul suggests:
- Use email filtering tools: "Deploy email security solutions that use advanced filtering techniques to identify and block phishing emails before they reach your inbox," suggests Elloul. "These tools analyze email content, headers, and sender information to detect potentially malicious emails and quarantine or flag them."
- Install an anti-phishing browser extension: "These extensions check the websites you visit against a database of known phishing sites and provide a warning if you attempt to access a potentially malicious website," says Elloul.
- Use antivirus software: "These often come with anti-phishing features," notes Elloul. "These solutions can scan incoming emails and web pages for potential phishing attacks and block access to malicious websites."
- Enable two-factor authentication: "This adds an additional layer of security, making it more difficult for attackers to gain access to your accounts, even if they obtain your login credentials," explains Elloul.
