Phishing emails still run rampant today, with ill-willed individuals setting up traps to steal information from unsuspecting users. Unfortunately, many people still fall for it, mostly because they are not educated about this kind of threat.

Given its prevalence in society, it won’t be a surprise that you’ve encountered your own fair share of suspicious-looking emails. More often than not, these kinds of cringe-worthy email are asking you to login with your passwords, has spelling and grammatical mistakes all over it, and has a weird address to it—all of which sound alarm bells pointing to it being a phishing email!

With that being said, some phishing emails are well-crafted, making them look legitimate and trustworthy. For that reason, it pays to know exactly what to look for to find out whether an email you have received is a genuine email or not.

Here are the red flags to keep an eye out for:


1. Look at the sender’s address

When you receive an email, the first place you should look at is the sender’s address. It can look anything like “[email protected]” Of course, the address will vary from each sender, but there are signs to prove that an email is not what it seems to be.

While looking at the sender’s address, see if it is the same as the organisation that it has been sent from. Any inconsistencies in the email can prove that it is not from the real company. For example, there might be a different domain name after a company name such as “” or that the letter “I” and “O” are replaced with the number one and zero.

These inconsistencies are a red flag that the email is fake and that it is likely a phishing email!


2. Look at its content

If the sender’s email address looks legitimate, then look at the content. See what it wants from you. Is it only sharing some information with you, or is it asking for you to do something?

If it is the latter, then you will have to do a little more digging—there’s a chance that it might be an actual email from the company, after all!. For instance, if it asks you to log in, check whether the login site redirects to the proper website. If, by any chance, you have logged in multiple times but find that the password was “wrong,” then it is likely that the page is only used to steal your credentials! Change your password immediately if that is the case.

To add to that, if the email is sending an attachment, make sure to see if the attached file is in the proper file format. Sometimes, it might automatically download a file into your system—which can be a malware in disguise. Some antivirus software can catch this before it is too late, but it is always better to be safe than sorry.

If you find anything suspicious at all, whether from the content of the email or the sender’s address, then you are better off deleting the message or leaving it there for a more thorough scan later. As a business owner, it’s crucial to train and educate all your employees about phishing emails and all the other digital threats around the web. This way, you can ensure your business can run smoothly without dealing with security compromises that can hurt your business and even bring it to its end.


Are you looking for a cybersecurity agency that can provide your business with protection against phishing? FraudWatch International is a leading cybersecurity agency offering protection services for worldwide brands. Get in touch with us today and let us secure your business from online threats!