5 tips for recognizing phishing attempts (phishing email examples)
1.The email requests sensitive information
This is a dead giveaway because legitimate companies will never request your sensitive information via email.
One way a fake email attempting to steal information from you may do so by saying an account you have for a legit company has been hacked and they need you to provide your login information to retrieve it.
For example, the email might say something like:
“Dear user, your account has been locked because of a hacking attempt. We need your username and password to retrieve your account.”
The email might ask for you to respond directly with your login details or provide a link for you to click on and enter your info. Again, a legit email from a real company should never request sensitive information from you.
2.The email address is not from the company’s domain
This is another easy way to spot a fake email attempting to steal your data is by looking at the domain the email was sent from. Major companies all send emails from a legit company domain.
For example, a legit email from Amazon’s customer service would come from the domain:
“@amazon.com.”
A fake email pretending to be Amazon could come from a domain like:
“@customerservicexyz.com.”
While fake domains are often pretty obvious, it can sometimes be hard to distinguish fake domains from real ones if you don’t already know what the real one is. Phishers can send emails from domains with company names in them that look similar to the legit domains.
If you ever have any doubts about the legitimacy of an email’s domain, do some research about it to try and determine if it is real.
You can do this by either Googling the domain a suspicious email comes from or by Googling a few lines from the body of the email to see if it pulls up any info about a known phishing attack.
You can also look at past emails from a company to see what domain they come from so you know how to spot phishing emails attempting to trick you into thinking they’re from that company.
3.The email contains spelling/grammatical errors
The odd typo is not unheard of in legit emails, but if you receive a suspicious email with all kinds of grammatical and spelling errors in it, that’s a sure sign of a phishing attack.
Official communications from big companies are written by people who speak English as a native language and pass through a review process to catch any errors, so they should be pretty polished by the time they arrive in your inbox.
For example, a phishing email with incorrect spelling and grammar might read something like:
“Dear sirs, we have informed that your accounts informations is needed to be update now. Please provided us with your login and pasword to continue the using of your accout.”
Even if a phishing email doesn’t have any glaring spelling or grammatical errors, there’s a good chance it will just sound plain weird. If you think the language of an email doesn’t sound professional or the word choice seems strange, there’s a good chance it’s phishing.
4.The email contains attachments
Emails from legit companies will never send you unsolicited attachments. Phishing emails, on the other hand, often include an attachment and request you to click on it to download it.
For example, a phishing email might say something like:
“Please download the attached file to update your account information.”
Then, there will be an attachment that could be named something like:
“Updateinfo89543.html”
The bottom line is: never click on any attachments you’re not expecting to receive. They can install malware on your device to steal your data.
5.The email has suspicious links
Similarly to attachments, phishing scams will often attempt to get you to click on links that take you to a fake site or install spyware on your system.
Phishers can use many different pretenses to try and get you to click on such links.
For example, you might receive an email from a “travel agency” informing you that you’ve “won” a free vacation.
The email might say something along the lines of:
“Dear winner. You have been selected to spend 3 nights at a Caribbean resort. You MUST click on the link below to claim your prize.”
Once you click on the link, it might just automatically download malware onto your computer that can log your data, or it might take you to a fake site that asks you to enter personal information, like your ID and credit card numbers.
Never click on links in unsolicited emails or in emails that aren’t from people or organizations you trust.
Conclusion
We hope these phishing email examples have given you a better idea of what to watch out for to protect yourself from phishing attacks.