Seven signs of a phishing email

Egress | 13th Jul 2021

Over 6,500,000 phishing emails have been reported to the Suspicious Email Reporting Service (SERS) since it was set up last year — and many more will have gone undetected.

Phishing is an evolving threat that involves scammers tricking individuals into clicking malicious links or poisoned attachments for the sole purpose of stealing data (and sometimes money). Through new tactics and more sophisticated impersonation attempts, these scams are proving more difficult to spot. 

We’ve outlined the most common phishing schemes and their tell-tale signs below so that you can keep your data safe and avoid the consequences of a successful phishing scam.

Types of phishing attacks

There are different types of phishing attacks that you need to be aware of involving email:

  • Standard email phishing: A phisher casts a wide net and circulates a generic email containing a malicious link or attachment in the hopes that someone will take the bait.
  • Spear phishing: A phisher targets a specific individual using personal information found online to trick the victim into clicking a link or attachment.
  • Whaling: Whaling is a type of spear phishing attack where a phisher targets the “big phish” of the company (usually a C-suite member like the CEO) and manipulates them into transferring money or data.
  • Executive impersonation: A phisher impersonates a senior figure in the company by stealing their credentials or spoofing their email address. They then target junior employees or fellow C-suite members to trick them into handing over sensitive information or money.
  • Double-barrel phishing: A phisher builds trust with the victim by sending them a benign email first and follows up with an email containing a dangerous link or attachment. 

Seven signs of a phishing attack

1. Spelling errors

Large companies take time to craft and proof customer-facing emails before sending them (especially if the email is a generic template). Although typos do happen occasionally, a phishing email would contain unusual language. For example, it may be written in broken English with unfamiliar grammar, as many phishing attacks originate abroad.

It’s important to note that phishing emails have come a long way since the original scams in the 90s. They’re more sophisticated than ever. Keep an eye out for spelling errors, but just because there aren’t any doesn’t mean it’s safe — you need to look out for other signs too. 

2. Unfamiliar tone

If you frequently exchange emails with a colleague of yours, chances are you’ll understand how they speak, how they greet you, etc. If the tone of voice or language changes suddenly, you may be dealing with a phishing scam. For example, if the language is more formal than usual or overly friendly. 

3. Hyperlinks

Phishers often use blue text hyperlinks to conceal URLs that lead to spoofed websites or malware. It can be tempting to click first and think second; however, this could have serious consequences. Instead, if you’re on your desktop computer, hover your mouse over the link to reveal its real destination. 

4. A veiled threat or sense of urgency

Phishing emails are designed to make you panic to provoke a quick reaction. Scammers will demand immediate action and use phrases like “ASAP” to create a sense of urgency. Usually, they will also threaten a negative consequence if you fail to act.

Scammers hope that, by making you panic, you’ll ignore other phishing signs. Make sure to fight against human instinct and act cautiously by taking a closer look at the email and analysing the situation with a clear head.

5. An unusual request

Your workplace will likely have special protocols in place for matters related to personal data and making transfers. If the email asks for something to be done that’s not in line with the company’s normal processes, it could be a scam. 

For example, if you’re requested to send an urgent wire transfer to a supplier, even though the supplier is paid regularly via direct debit, ignore this or seek further verification (over the phone) before acting.

6. Incorrect email addresses and domain names

Another easy way to identify a potential phishing attack is to look for discrepancies in email addresses and domain names. Check the email address against previous exchanges with the supposed sender. 

If you haven’t contacted the individual before, check the domain name of the email address. Be careful not to gloss over more subtle changes, as scammers often choose a real domain name but switch out a single character. If they don’t match, don’t click.

7. Low-quality images

Scammers may try to catch you off guard by creating a signature that looks similar to the company they’re impersonating. But, take a closer look, and you may start to see differences in quality. Logos are an important part of any company’s brand. If you receive an email with a grainy, low-quality graphic, act cautiously and check for other signs of phishing. 

Learn more about phishing scams

Knowledge is the best defence against phishing. Explore our dedicated phishing hub to keep up to date with the latest tactics and advice. Want to learn more about how IT leaders are impacted and respond to phishing?  Check out our full Fighting Phishing report here.