How to Identify Phishing Emails and Keep Yourself Safe

by Reese Kimmons, MS ISA

Many messages sent by scammers share similar characteristics. Knowing how to spot a malicious email, text, or social media message will help you protect yourself should you be targeted by criminals attempting to steal sensitive data like account login credentials or payment card information.

This knowledge will also help you protect your employer, and possibly your job, should bad actors target you at work to try and steal sensitive information about your organization.

Keep reading for details on how to identify phishing emails and keep yourself safe from identity theft and other scams.

Be Suspicious of “Urgent” Messages

how to identify phishing emails

If the subject line of an email conveys a sense of urgency, that’s a strong indicator that it may be a scam email. Criminals often try to get you to act quickly without investigating the validity of their claims.

Phishing messages may indicate that you’ll be rewarded if you take some action right away, perhaps stating that you’ll receive a great deal of money if you act before the bogus offer expires.

Alternatively, they may try to frighten you, claiming something bad will happen if you don’t act immediately. Some even pose as law enforcement or other government representatives and threaten you with fines or arrest.

If you receive one of these urgent messages, don’t click links, reply, or call any included phone numbers. If you believe the message could be legitimate, do some investigation. For example, if the message indicates you’ve won some contest put on by a well-known retailer, search online for the retailer’s website and find out whether the contest is real.

If the sender claims to be from the IRS or some other government entity, find the contact information for that agency through an online search and contact them directly. If it is a scam, the agency will probably appreciate being made aware of it.

Examine Links in Emails

how to identify phishing emails

If you receive a suspicious message that includes links, you can hover your mouse over them and examine the underlying address information to look for discrepancies. The URL in the link could be spoofed and be different from the address to which the link actually points.

Look for subtle differences in spelling. Scammers often try to make a link look legitimate by using a spelling that looks very similar to a well-known site address. For example, you might see something like “” or “”

Cyber criminals can use a number of tricks to cause message recipients to click a link and wind up on a malicious site designed to steal valuable and sensitive data. The best and safest practice is to simply avoid clicking links in suspicious messages altogether.

Look for Bad Grammar and Mistakes

Many dangerous emails originate in countries where English is not the native language. Consequently, scammers operating in those areas are more likely to make grammatical mistakes and spelling errors when crafting their messages.

If you receive an email, text, or social media message that contains poor grammar or spelling mistakes, it may very well be a scam, especially if it supposedly comes from a legitimate organization that would be unlikely to make such mistakes.

Some bad actors actually misspell words and include seemingly-random special characters intentionally. They are aware of certain keywords that spam filters use to weed out suspicious emails and will misspell those keywords or include characters within them to get them past email filters.

Examine the Sender’s Address

how to identify phishing emails

Different email applications offer different methods for examining the underlying address of the message sender. What you see in the “From” field can, and often does, differ significantly from the sender’s actual address.

It’s a good idea to find out how to view the email header information in the email application you use. For example, in gmail, you can simply click the small down arrow below the sender’s address to verify that address and other details about the message.

Often, you’ll find that the email didn’t come from the person or entity listed in the From field. If the sender’s underlying address includes a lot of random characters, that’s a good sign that it’s a scam.

While you’re looking at the header information, check for addresses listed in a “reply to” field. You may find that there is a long list of email addresses that would receive any reply you send. This will cause you to end up on a list of vulnerable recipients and increase the number of malicious and spam messages you’ll get going forward.

Call the Sender

calling on the phone

If you receive an email that appears to be from someone you know and trust but differs somehow from the messages they ordinarily send, there is a chance that the sender’s email may have been hacked and that the criminal is using their contact list to target you and others.

If you do get one of these messages, simply call the sender using a number you know to be correct and ask if the email is legitimate. If it isn’t, let the sender know that his or her email may have been compromised.

Protecting Yourself on Social Media and Messaging Apps

how to identify phishing emails

Criminals often utilize social media platforms and text messaging to perpetrate their scams. Many of the warning signs are the same as those used to identify malicious emails. They include claims of urgency, misspelled words and grammatical errors, impersonation tactics, and malicious links and phone numbers.

You may even encounter dangerous links in banners, your Facebook friends’ posts, and in comments posted by criminals posing as Twitter brand ambassadors. Bad actors can even cause links to their sites to appear in ads appearing within legitimate websites.

Again, the best practice is to avoid clicking suspicious links altogether and to run separate searches to investigate any claims or offers to determine whether they are legitimate.

Add in Some Security Basics

how to identify phishing emails

Anyone can make a mistake, so it helps to have some additional safeguards in place just in case. These include:

  • Using a separate, prepaid debit card for your online shopping
  • Making sure that all of your passwords are complex and that you are using a different password for each of your accounts
  • Taking advantage of two-factor authentication wherever it is offered

If you do your online shopping with a prepaid debit card, you’ll ensure that, if the card information is stolen, your bank account won’t be emptied. 

If using different passwords for every account sounds too burdensome, consider getting a password manager app that will generate as many complex passwords as you need and remember them for you.

Using two-factor (or multi-factor) authentication adds one more component to the login process, most commonly in the form of a PIN number sent to your phone. If a bad actor manages to steal your login credentials to an account where two-factor authentication is in use, he or she will be still unable to access the account without that additional login element. This will give you time to reset your password.

How to Identify Phishing Emails: In Closing…

Every day, cyber criminals look for new ways to scam you out of your money and personal data. They may also target you at your job, perhaps attempting to steal information that will provide them with access to your employer’s internal resources or to get you to click on a link that will install malware on your company’s systems. If it’s ransomware, your employer could suffer damages that can rise into the millions of dollars.

Following the simple recommendations provided in this article will help you learn how to identify phishing emails, become a hard target for these criminals, and cause them to pass you by.

About the Author:

Reese Kimmons is an experienced IT executive with an AAS in Applications Programming, a BS in IT Management and an MS in Information Security and Assurance. During his time in the IT industry, Reese has earned certifications in ethical hacking, forensics investigations, ISO/GIAC, and Cisco networking.

Leave a Comment

Your email address will not be published. Required fields are marked *