Phishing emails are the most common cyber threat, with over 3.4 billion sent daily. This guide teaches you exactly what to look for so you can identify a phishing email in seconds, even when it looks completely legitimate.
Don't just look at the display name — expand it to see the full email address. Scammers set display names like "PayPal Support" but send from random addresses like support@paypal-secure-verify.com. The domain after the @ sign must match the company's official domain exactly.
Hover over the sender name in your email client to reveal the real address. On mobile, tap the sender name.
Phishing emails almost always create urgency: "Your account will be suspended in 24 hours," "Unauthorized purchase detected — act now," or "Final warning before legal action." Legitimate companies rarely use this level of pressure in routine communications.
If an email makes you feel panicked or rushed, that's a red flag. Real emergencies are handled through official channels, not mass emails.
Before clicking any link, hover your mouse over it (or long-press on mobile) to see the actual URL. Phishing links often use lookalike domains (amaz0n.com), long URLs with the real domain buried deep in the path, or URL shorteners to hide the destination.
The domain name that matters is the part immediately before the .com/.org/.net ending. Everything before it is a subdomain, which the owner of that domain can set to anything.
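The sender-address check and the link check described above can be scripted. The following Python is an added example, not part of the original guide; the function names, the shortener list, the digit-substitution table and the sample inputs are assumptions constructed for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed samples for illustration; neither list is complete.
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com"}
DIGIT_SWAPS = str.maketrans("0135", "oles")  # 0->o, 1->l, 3->e, 5->s

def registered_domain(host):
    """Return the last two labels of a hostname.
    Assumption: single-label endings such as .com/.org/.net; suffixes like
    .co.uk need the Public Suffix List instead."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_sender(from_header, official_domain):
    """Ignore the display name; compare the domain after the @ exactly."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    return {"display": display, "domain": domain,
            "match": domain == official_domain.lower()}

def check_link(url, official_domain):
    """Classify a link by where its hostname really points."""
    official = official_domain.lower()
    parts = urlsplit(url)
    host = parts.hostname or ""
    reg = registered_domain(host)
    if reg == official:
        return "official"
    if reg in SHORTENERS:
        return "shortener"            # destination is hidden
    if reg.translate(DIGIT_SWAPS) == official.translate(DIGIT_SWAPS):
        return "lookalike"            # e.g. a digit standing in for a letter
    if official in host or official in parts.path.lower():
        return "brand-not-in-domain"  # real name only in subdomain or path
    return "other-domain"

if __name__ == "__main__":
    print(check_sender('"PayPal Support" <support@paypal-secure-verify.com>', "paypal.com"))
    for url in ("https://www.amazon.com/orders", "https://amaz0n.com/signin",
                "https://amazon.com.account-check.example/login",
                "http://login.example.net/amazon.com/verify", "https://bit.ly/abc123"):
        print(url, "->", check_link(url, "amazon.com"))
```

Any result other than "official" means the link should be treated with the same suspicion as the manual hover check would raise.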
Legitimate companies that have your account use your real name. Phishing emails often use generic greetings: "Dear Customer," "Dear User," "Dear Account Holder." Some sophisticated phishing uses your name (from data breaches), but generic greetings are still a strong indicator.
Even if the email uses your name, apply all other checks. Scammers can obtain names from data breaches, social media, or company directories.
While AI has improved phishing quality, many scam emails still contain telltale errors: unusual word choices, awkward phrasing, inconsistent formatting, mixed fonts, or logos that look slightly off. Compare the email's style with previous legitimate emails from the same company.
Note: AI-generated phishing emails are increasingly error-free. Don't rely on grammar alone — use all the checks in this guide.
No legitimate company will ask you to provide passwords, full credit card numbers, Social Security numbers, or PINs via email. If an email asks for this information, it's a scam — regardless of how official it looks.
When in doubt, contact the company directly using the phone number on their official website — not any number in the email.
Be extremely cautious with email attachments you weren't expecting. Dangerous file types include .exe, .scr, .zip, .js, and macro-enabled documents (.docm, .xlsm). Even PDF and Word files can contain malware. If you weren't expecting an attachment, don't open it.
If you need to view an attachment from an unknown sender, open it in Google Docs or another online viewer rather than downloading it to your computer.