|   Providing IT Happiness Since 2001

Identifying Phishing Emails

Identifying Phishing Emails

It seems more and more of the email you receive is either spam, newsletters you didn’t sign up for, or worse. While emails are a convenient way of staying in touch, they can also be a prime target for phishing scams. So, how can you spot a phishing email? Here are some tips to keep in mind.

Be sure to view our companion articles: Phishing and Scam Gallery and Have I Been Hacked?  For more extensive personalized training options please Contact Wireguided.  

1. Check the Sender’s Address

Phishing emails often use a fake or similar-looking email address to trick you into thinking they’re legitimate. Keep an eye out for typos, misspellings, or a different domain name. The sample below shows an email from ‘Microsoft’ but the sender’s email address is a hacked account from University of Utah.

Example of phishing email using a spoofed hacked account
Example 1. Phishing email using a spoofed hacked account.


2. Look for an Email Banner

Keep an eye out for email banners that indicate the message was sent from outside the organization. Some email services even have the ability to add warnings or alerts to emails that are deemed suspicious or potentially dangerous. Paying attention to these banners and warnings can help you identify phishing emails and protect yourself from cyber attacks. The sample below shows an example of a warning banner tipping the recipient off that this is not from their organization. It also has a spoofed email address.

Sample Phishing email with external email warning banner.
Example 2. Phishing email with external email warning banner.


3. Beware of Urgency or Threats

If an email has a threatening tone,  mentions it is urgent to reply, or says access will expire, or marked as ‘High Importance’ take a closer look. Scammers often use fear tactics to make you act quickly. Don’t let them pressure you into making a mistake. The example below says the user must act before they are locked out of their email. It also has a spoofed email address as in example 1.


4. Don’t Click on Suspicious Links

Phishing emails may contain links that direct you to a fake website that looks identical to the real one. Before clicking on any link, hover your mouse over it to see the URL. If it looks suspicious or unfamiliar, don’t click on it. The below example show a phishing email with a tempting link (like the examples above). It also has a spoofed email address (see a pattern?).

Phishing email with suspicious link.
Example 4. Phishing email with suspicious link.


5. Beware of Suspicious Attachments

Phishing emails may contain attachments that can infect your computer with malware or viruses. Be cautious of unexpected attachments, especially if they come from an unknown sender or seem unrelated to the email’s content. If you’re not sure about an attachment, don’t open it. The below example is a phishing email made to look like a voicemail message. This is very common. You will also attachments made to look like FAXs,  ACH deposits,  and encrypted messages. Also be on the lookout for boobytrapped Word, Excel, and PowerPoint files (more info in another article). You can see by all the black blocks that this phishing attempt was personalized for the specific recipient. This is called spear-phishing.

Phishing email with attachments
Example 4. Phishing email with attachments.


6. Check for Poor Grammar and Spelling

Be on the lookout for poor grammar, spelling mistakes, or awkward phrasing. If an email looks like it was written by a non-native speaker or an automated tool, it’s probably a phishing attempt. With the rise of AI generated email this method of detecting phishing will loose its effectiveness.

Phishing email with poor grammar.
Example 5. Phishing email with poor grammar.


7. Verify the Request

If an email asks for sensitive information like your password or social security number or  asks about any sort of banking information, wire transfer updates, or ACH deposits, don’t do it, even if it looks like it is coming from a co-worker as their account might be hacked or spoofed. Always verify the request by contacting the person directly by phone. Do not call any number in the email as that might be go directly to the attacker. Legitimate companies will never ask for sensitive information through email, so any request of this nature should be treated with suspicion.



8. Hacked Emails from Legitimate Senders (Most Dangerous)

Hackers have been using a very devious tactic where they use hacked company accounts to send emails to other employees or companies your organization does business with. Usually the message has to do with a financial transaction update such as new bank account or payroll destination. A common tactic is to hijack an existing email chain so the person you are communicating with thinks it is part of an ongoing conversation.

The below email was sent from a hacked internal account to their client. It was inserted into an ongoing conversation and the hacker redirected messages from the inbox so the victim would not see replies. The hacker waited for over a week before striking. This attack resulted in a large financial loss. To prevent this sort of attack we recommend adding a disclaimer to every message that you will never ask for financial transaction updates via email and contacting your customers directly so they know you will never email them these types of requests. Training your employees to always call and verify (not using a phone # in the email but one on file) can also prevent disaster.


Achieve IT happiness like all our clients

"I can say without exaggeration that Wireguided provides the most excellent service I have ever experienced."

Esther GriswoldEsther GriswoldDirector | EDS Library

"Wireguided is great for us. We had wanted to switch IT companies for a while now. I only wish we had done it sooner."

Bruce DelleChiaieBruce DelleChiaieGM | Watertown Engineering

"My experience has left me feeling that Wireguided is more of a co-worker than a vendor. I can’t thank them enough."

Andrew HegartyAndrew HegartySr. Engineer | Faulkner Hospital

"Since Wireguided has taken over the care of our IT things have been much easier for us. They are only a phone call away."

Lisa WollastonLisa WollastonOffice Manager | Sweezey Fence Erectors



Wireguided LLC

4 Brook Street

Suite 20

Scituate, MA 02050



Get the latest updates

Thank You, we'll be in touch soon.

©Wireguided LLC 2023.  All rights reserved