Phishing scams are becoming more and more difficult to detect.  Here are ten common signs of phishing emails that can help you spot an attack.

1. An unfamiliar tone or greeting

If a message seems strange, it’s worth trusting your gut to investigate. 

2. Obvious grammar and spelling errors

You would expect emails originating from a professional source to be free of grammar and spelling errors.  Sure, errors are known to occur, but not to the extent of most phishing emails. 

3. Inconsistencies in email addresses

When unsure if a sender’s email address is legit, check your previous correspondence to confirm. 

4. Strange links and domain names

If a link is embedded in the email, hover the pointer over the link to verify what ‘pops up’.  If the domain names don’t match, don’t click.  The ‘Phish Alert Report’ should be used to confirm its safety.  (See below for instructions.)

5. Threats or a sense of urgency

In a bid to fluster the receiver, one common tactic is to use a sense of urgency to encourage immediate action.  The scammer hopes that by causing panic, the content might not be examined thoroughly.

6. Unusual request

If the email is asking for something that is not the norm, this could be an indicator that the message is potentially malicious.

7. Short and sweet

Many phishing messages are sparse in information.  For example, a scammer sends a message from a familiar contact’s spoofed email address that says, ‘here’s your info’. 

8. Request for sensitive information

An attacker has created a fake landing page that recipients are directed to.  The fake landing page will have a login box or request that payment is made to resolve an issue.  As always, contact the company directly and don’t use email-provided links for these scams.

9. Suspicious attachments

If an email with an attached file is received from an unfamiliar source, do not open the attachment.  The ‘Phish Alert Report’ should be used to confirm its safety.  (See below for instructions.)

10. Sender doesn’t want to speak to you

If the sender does not want to speak over the phone and only wants to communicate via email, this is a red flag.  Before fulfilling any request for money, information, etc., it is always best to speak in person or over the phone to confirm identity.