|   Providing IT Happiness Since 2001

Identifying Phishing Emails

Spotting dangerous emails and preventing catastrophe



It seems more and more of the email we receive is either spam, newsletters you didn't sign up for, or worse. While email is a convenient way of staying in touch, it is also the prime target for phishing scams. So, how can you spot a phishing email? Here are some tips to keep in mind.

Please view our companion articles: Have I Been Hacked? and real world Phishing and Scam Examples.

Check the Sender’s Address

Phishing emails often use a fake or similar-looking email address to trick you into thinking they’re legitimate. Keep an eye out for typos, misspellings, or a different domain name. The sample below shows an email from ‘Microsoft’ but the sender’s email address is a hacked account from University of Utah.

Beware of Urgency or Threats

If an email has a threatening tone,  mentions it is urgent to reply, says access will expire, or is marked as ‘High Importance’ take a closer look. Scammers often use fear tactics to make you act quickly. Don’t let them pressure you into making a mistake. The example below says the user must act before they are locked out of their email. It also has a spoofed email address as in example 1.

Don’t Click on Links

Phishing emails may contain links that direct you to a fake website that looks identical to the real one. Before clicking on any link, hover your mouse over it to see the URL (do not click, just move the mouse over it). If it looks suspicious or unfamiliar, don’t click on it. The below example show a phishing email with a tempting link (like the examples above). It also has a spoofed email address (see a pattern?).


Beware of Attachments

Phishing emails may contain attachments that can infect your computer with malware or viruses. Be cautious of unexpected attachments, especially if they come from an unknown sender or seem unrelated to the email’s content. If you’re not sure about an attachment, don’t open it. The below example is a phishing email made to look like a voicemail message. This is very common. You will also attachments made to look like FAXs,  ACH deposits,  and encrypted messages. Also be on the lookout for boobytrapped Word, Excel, and PowerPoint files (more info in another article). You can see by all the black blocks that this phishing attempt was personalized for the specific recipient. This is called spear-phishing.


Look for an External Email Warning Banner

Keep an eye out for email banners that indicate the message was sent from outside the organization. Paying attention to these banners and warnings can help you identify phishing emails and protect yourself from cyber attacks. The sample below shows an example of a warning banner tipping the recipient off that this is not from their organization. It also has a spoofed email address.


Check for Poor Grammar and Spelling

Be on the lookout for poor grammar, spelling mistakes, or awkward phrasing. If an email looks like it was written by a non-native speaker or an automated tool, it’s probably a phishing attempt. With the rise of AI generated phishing emails this method of detecting phishing will lose its effectiveness.


Always Verify the Request

If an email asks for sensitive information like your password or social security number or wants any sort of banking information, wire transfer updates, or ACH deposits, don’t do it, even if it looks like it is coming from a co-worker as their account might be hacked or spoofed. Always verify the request by contacting the person directly by phone. Do not call any number in the email as that might be go directly to the attacker. Legitimate companies will never ask for sensitive information through email, so any request of this nature should be treated with suspicion.


Emails from Legitimate Senders (Most Dangerous)

Hackers have been using a very devious tactic where they utilize a hacked company account to send emails to other employees or companies your organization does business with. Usually the message has to do with a financial transaction update such as new bank account or payroll destination. A common tactic is to hijack an existing email chain so the person you are communicating with thinks it is part of an ongoing conversation.

The below email was sent from a hacked internal account to their client. It was inserted into an ongoing conversation and the hacker redirected messages from the inbox so the victim would not see replies. The hacker waited for over a week before striking. This attack resulted in a large financial loss. To prevent this sort of attack we recommend adding a disclaimer to every message that you will never ask for financial transaction updates via email and contacting your customers directly so they know you will never email them these types of requests. Training your employees to always call and verify (not using a phone # in the email but one on file) can also prevent disaster.


Need in-depth training? Contact Wireguided for all your IT needs.

Achieve IT happiness like all our clients

"I can say without exaggeration that Wireguided provides the most excellent service I have ever experienced."

Esther GriswoldEsther GriswoldDirector | EDS Library

"Wireguided is great for us. We had wanted to switch IT companies for a while now. I only wish we had done it sooner."

Bruce DelleChiaieBruce DelleChiaieGM | Watertown Engineering

"My experience has left me feeling that Wireguided is more of a co-worker than a vendor. I can’t thank them enough."

Andrew HegartyAndrew HegartySr. Engineer | Faulkner Hospital

"Since Wireguided has taken over the care of our IT things have been much easier for us. They are only a phone call away."

Lisa WollastonLisa WollastonOffice Manager | Sweezey Fence Erectors



Wireguided LLC

4 Brook Street

Suite 20

Scituate, MA 02050



Get the latest updates

Thank You, we'll be in touch soon.

©Wireguided LLC 2023.  All rights reserved