How to identify a phishing email

Phishing emails can be identified by checking for suspicious sender addresses, urgent language, and mismatched links.

How to identify a phishing email

Phishing emails attempt to trick recipients into providing sensitive information or clicking malicious links. Learning to identify them is a critical security skill.

Common phishing indicators

  • Suspicious sender address: The email domain doesn't match the claimed organization
  • Urgent or threatening language: "Your account will be suspended" or "Act now"
  • Generic greetings: "Dear Customer" instead of your name
  • Mismatched links: Hover over links to see if the URL matches the claimed destination
  • Poor grammar and spelling: Many phishing emails contain errors
  • Unexpected attachments: Be cautious of unsolicited files

What to do if you suspect phishing

Do not click any links or download attachments. Report the email to your IT department and the organization being impersonated. Most email providers also have a "Report phishing" option.