Phishing Emails: How to Identify & Avoid These Scams

What is Phishing?

Fishing is a relaxing way to enjoy spending some time outdoors, something you might do on a boat or on a camping trip. Phishing with a “ph” is something entirely different, and something cybercriminals have been doing for years in order to steal information, and ultimately, to steal money.

The cybercriminal impersonates a business or a person in order to trick you into giving up personal information or clicking on a link so that they can install malicious software on your computer.

To help you protect yourself-and your business-from these criminals, it’s important to know what you are looking for in order to recognize a phishing attempt.

Now, there are many different kinds of phishing attacks including texts, phone calls, pop-up messages on the website, but today we are going to focus on one of the most common attacks: email messages.

According to, email phishing is when fraudulent emails are created to look like the ones sent from legitimate companies. They may contain an email address that looks like someone who works at the company because it makes victims more likely to trust that they are coming from a reliable source. But, the fraudulent emails contain fake links or forms that are designed to steal sensitive information.

Tips for Recognizing a Phishing Email

Too Good to be True Offers

Does the offer in the email seem like it’s too good to be true? Did you somehow win a pre-paid vacation for a contest you can’t remember entering? Then, it’s probably a scam that’s just trying to get you to click on a malicious link.

Spelling Mistakes and Bad Grammar

One or two spelling errors is bound to happen once in a while, but when the whole email is riddled with spelling mistakes and bad grammar, it’s more than likely coming from a cybercriminal.

Unusual Info in the “To” and “From” Fields

If your email is listed as the “from” address, it’s fake. And if you notice there are multiple addresses listed in the “to” field, then more than likely it’s not legitimate, especially since businesses will only address their correspondence to you directly when it’s about a sensitive matter.

Threats or Warnings

If you don’t fill out this form immediately, your bank account will be permanently closed.” That’s the sort of threat or warning that’s more than likely a phishing email. A legitimate business email might inform you that you need to take action on something, but more than likely they won’t make you fill out a form from an email.

Ways to Fight Against Phishing Emails

Here are some ways you can make sure your organization’s and employees’ information is safe from phishing emails:

  • Don’t open email attachments from unknown senders
  • Keep link clicking to a minimum
  • Verify information over the phone or in-person
  • Increase your security and spam filters
  • Notify the authorities about phishing attempts
  • Don’t ever include sensitive information in an email


Phishing emails are not always easy to spot because cybercriminals work hard to trick potential victims. But you can outsmart them if you know what to look for and how to protect yourself. Stay one step ahead with data security training.