Your Basket
Cyber security for any size of business
CREST member company
Team of friendly certified experts
5 ways to spot a phishing email

5 ways to spot a phishing email

Phishing emails are the most common online threat. It is essential to know how to spot a phishing email and what to do with them. Here are five ways to spot, and defender yourself against, phishing attacks.

1 - Requests to confirm personal information

An email will arrive in your inbox. It will look very authentic. The style matches the style used by your company or your bank, or some other establishment you trust, like HMRC or the DVLA. Criminals go to greats lengths to fool you into believing that it is the real thing. These emails will make requests that you wouldn’t normally expect, and it is a strong tell that the email is not from who it claims to be.

Be very wary of emails requesting you to confirm personal information. No organisation will ever do this out of the blue. Do not reply or click any links. Even if you think it might be genuine. 

2 - URLs and addresses do not look genuine

A well-crafted phishing email will come from an address that appears to be genuine. For example, our emails are, so some ways the criminals might mask an email address by using something like these: or

The body of text often hides malicious links along with the occasional genuine one. These links should be checked first, by hovering over and inspect each one first.

3 - It’s poorly written

You can often spot a phishing email by the poor language and spelling used in the message. Always read through email and check for the obvious spelling and grammar mistakes. If the email you received is unexpected and contains many mistakes, this can be a strong indicator of a phish.

4 - There’s a suspicious attachment

Always be suspicious when an email contains an attachment. Even if the attachment appears genuine, it’s always good to scan it first using antivirus software.

5 - The message makes you panic

Phishing emails are very often time bound. Do this now! It is common for the phishing email to make you panic. It is what the criminals want you to do. The email might tell you your account may have been compromised, or your computer has been taken over by the criminal. They might even claim they have been filing you. These are positive signs that the email is a phish and the right thing to do is to delete it.

When in doubt, delete it

Links in emails, social media posts and online advertising are some of the most significant ways cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.

Sign up to our newsletter

Keep up to date with the latest cyber security news and updates with our newsletter