
What is Email Phishing?

Phishing emails are fake emails that pretend to come from a trusted source (such as a company you know) but are actually sent by bad actors. Their goal is to steal personal data, which can then be used for identity theft or other fraud, such as card skimming with stolen credit card details. The scammers behind these messages are always looking for ways to obtain your personal information so they can carry out further scams later on.


Email phishing is becoming more common as people spend more time online and less time reading physical mail. This makes it easier for fraudsters to reach their victims via email.

What are the Indicators of a Phishing Attempt?

Now let’s get down to the most common indicators of a phishing attempt:

 

Grammar and Spelling Errors
 

A common indicator of a phishing attempt is the presence of grammar and spelling errors in the email content. The reason is that most emails originating from an untrusted source are not written by professionals, so they pass through no spell-check on the sender's side and no proper proofreading or editing process.

 

In contrast, professional businesses are careful about spelling in their outbound email communications, and they typically employ professional copywriters to craft their email marketing messages.

 

Some common grammar and spelling errors in phishing emails are:

 

➜ Missing quotation marks (‘), periods (.), commas (,) and colons (:)

 

➜ Incorrect capitalization of words or phrases (e.g., “i am Bob”)
 

➜ Informal contractions like “u” instead of “you”

 

Unfamiliar Tone


An unfamiliar tone is another indication that a phishing attempt is underway. There are several ways to detect this, so it helps to be aware of the different forms an unfamiliar tone can take.

 

One way to spot an unfamiliar tone is by noticing that the email feels like it’s been created by someone who doesn’t know you very well. For example, the tone of the email may feel off from what you’re used to receiving from your company or other contacts.


Another way is by noticing that the email doesn’t seem to be related to anything going on in your life. For example, if you’re not expecting a bill to come in the mail but suddenly get an email that looks like it’s from your bank, this is a red flag.

 

Receiving Email at an Unusual Time


If you receive an email at a time that is unusual for you to be receiving emails from the sender, this is another indicator.


For example, if you’re used to receiving work-related emails during normal business hours but suddenly get an email from your boss after 11 p.m., this may be a sign of a phishing attempt. Likewise, an email sent in the middle of the night on a Saturday or Sunday is probably not normal.

 

Sense of Urgency


Another sign that an email is malicious is if it threatens you or makes you feel like you have to act quickly. 


This could be a warning that your account will be suspended unless you confirm your details, for example, or pressure to respond within 24 hours or risk compromising your security. If the message makes you feel that something bad will happen unless you respond quickly, treat it as a possible phishing attempt.

 

Suspicious Attachments


A common indicator of a phishing attempt is a suspicious attachment. The bad guys often use phishing emails to send these attachments because they know many people are curious enough to open them and click on whatever links or buttons they contain.


These attachments may be a Word document or zip file, for example. But if you open the attachment and it’s malicious, it could infect your computer with malware that steals your login credentials. If you get an email with a suspicious attachment, don’t click on it!


Although it’s best to scan attachments for viruses before opening them, some email providers, like Gmail and Yahoo, have incorporated advanced checking filters that automatically mark a suspicious attachment as a ‘Blocked Attachment’.

 

The Recipient Never Started the Discussion

 

Phishing attempts are often initiated by scammers or hackers who send emails to random people and hope that someone falls for them. If you didn’t initiate the conversation, then the email may be a phishing attempt.


To entice the recipient, many cold emails state that they have won a prize, that they qualify for one if they reply right away, and that they will not be eligible at all if they do not respond. So where the recipient is not a current or former customer, there is an increased probability that the email is spam.

 

Abnormalities in Email Addresses, Hyperlinks, and Domain Names


Phishing emails are often sent from an address that is not consistent with the domain name or website of the organization that is being impersonated. For example, if you receive a message purporting to be from Microsoft but it was sent from an email address that ends in @gmail.com or @yahoo.com, then this should raise red flags for you.


It is also a good idea to check that the originating email address matches previous correspondence. If there are hyperlinks in the email, hover over each one to see what URL it will take you to. If an email is supposedly from Amazon but the hyperlink directs you to a different website entirely (like freeamazongifts.ca), that’s probably evidence of fraud.

 

Email Coded Entirely as a Hyperlink


Coding the whole email as a link is a newer practice among fraudsters and scammers. They know that people have become wary and will not click on a link given in the email, so they code the entire email body as a single hyperlink in HTML. When an email is coded entirely as a hyperlink, the whole message becomes clickable: a click anywhere inside it takes the user to the imposter page.
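As an added example (not part of the course), the following Python script checks a raw message for the indicators from the last two sections: a sender domain that does not match the claimed brand, links pointing off-domain, and a body wrapped in a single hyperlink. The sample message, the claimed domain amazon.com, and the 90% "one big link" threshold are constructed assumptions.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample (not a real message): claims to be Amazon, comes from a
# free-mail address, and wraps the whole HTML body in a single anchor.
SAMPLE = b"""From: "Amazon Support" <support@gmail.com>
Subject: Confirm your account
Content-Type: text/html; charset=utf-8

<html><body><a href="http://freeamazongifts.ca/login">
<p>Hello, we noticed unusual activity on your account.</p>
<p>Please confirm your details within 24 hours.</p>
</a></body></html>
"""

def _aligned(domain: str, claimed: str) -> bool:
    # True if domain is the claimed domain or a subdomain of it
    return domain == claimed or domain.endswith("." + claimed)

class _LinkParser(HTMLParser):
    """Collects hrefs and measures how much visible text sits inside <a> tags."""
    def __init__(self):
        super().__init__()
        self.hrefs, self.depth, self.in_anchor, self.total = [], 0, 0, 0
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.depth += 1
            self.hrefs.append(dict(attrs).get("href") or "")
    def handle_endtag(self, tag):
        if tag == "a" and self.depth:
            self.depth -= 1
    def handle_data(self, data):
        n = len(data.strip())          # ignore whitespace-only runs
        self.total += n
        if self.depth:
            self.in_anchor += n

def analyse(raw: bytes, claimed_domain: str) -> dict:
    """Report sender-domain mismatch, off-domain links and a body that is one big link."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender = msg["From"].addresses[0].domain.lower()
    parser = _LinkParser()
    parser.feed(msg.get_body(preferencelist=("html",)).get_content())
    link_hosts = {(urlparse(h).hostname or "").lower() for h in parser.hrefs}
    off = sorted(h for h in link_hosts if not _aligned(h, claimed_domain))
    one_link = parser.total > 0 and parser.in_anchor / parser.total > 0.9
    return {"sender_domain": sender, "sender_mismatch": not _aligned(sender, claimed_domain),
            "off_domain_links": off, "body_is_one_link": one_link}
```

Any one of the three flags is a prompt to stop and verify through a known-good channel, not proof of phishing on its own.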

 

Unrealistic Demand or Request


Phishing scams typically begin with an email or other communication that asks you to take action. The request might be a reasonable one, such as asking you to confirm or update your personal information. However, some phishing attempts are designed to make you do something that seems unreasonable or unlikely—such as paying a bill through a new payment method or providing your login credentials to a third party for verification.

 

Emails with Brief Description


Not all phishing emails are long and detailed; some short ones can fool you into thinking they’re legitimate. These emails are brief and to the point: they often begin with “here’s your requested information” and then immediately attach malware files. For instance, scam artists will create spoofed emails from Peter of XYZ company that appear to come from a trusted vendor or supplier. These messages may include vague requests for information bundled with an attachment titled “additional information”, in the hope of luring the victim into clicking on it and compromising their computer’s security.

Some Common Phishing Terms

Apart from email phishing, here are some common types of phishing attacks: 

 

Spear Phishing 


Spear phishing is a targeted form of phishing that uses personal information to convince the recipient to take a specific action. The goal of spear phishing attacks is to access confidential or sensitive information, such as user names, passwords, credit card numbers, and Social Security numbers. 


Spear phishing attacks typically use email messages that appear to come from legitimate sources, such as banks and other financial institutions, payroll departments, and online retailers.

 

Clone Phishing


Clone phishing imitates alert emails from reputable companies to trick consumers into disclosing private information like usernames and passwords.

 

Whaling and CEO Fraud


Whaling attacks are synonymous with CEO fraud, a popular tactic used by cybercriminals to defraud companies. In a whaling attack, attackers target individuals in senior or decision-making positions in an organization. It is a potent form of targeted phishing that aims to steal information and credentials or to initiate wire transfers.

 

Business Email Compromise 


Business Email Compromise (BEC) is a form of cybercrime that can be extremely costly to businesses. This type of attack uses fraudulent email to manipulate an organization into taking part in fraudulent activity, resulting in the compromise and theft of sensitive data.

 

Angler Phishing


Angler phishing is the act of reaching out to disgruntled customers over social media and pretending to be part of a company. The angler phishing scam is a simple ploy used to trick casual social media users into thinking that a company is trying to remedy their problems when in reality, the person on the other end is taking advantage of them.

 

Phishing-as-a-Service (PhaaS) 


Phishing-as-a-Service (PhaaS) is a type of organized cybercrime in which criminals offer phishing services to others over the web in exchange for money. PhaaS providers often create fake websites and landing pages that look real, making it even harder for people to spot the scam.

How to Prevent Phishing Attacks?

Keep Your Antivirus Software Up to Date

It’s important to keep your antivirus software up-to-date to detect new threats as they emerge. If you’re using a commercial product, ensure it’s regularly updated and supports the latest browser version. If you’re using an open-source solution, make sure it has been updated recently. You should also perform regular scans with the tool to ensure it’s working correctly and hasn’t been compromised by malware or other problems.

 

Two Factor Authentication


Two-factor authentication adds something beyond passwords and PINs to the login process to help protect users against phishing attempts. It usually involves a one-time code that must be entered after the password or PIN, rather than relying on the password alone, which makes it harder for attackers to access accounts.

 

Educate Yourself and Your Employees


If you are a business owner, you should educate employees about phishing emails through a phishing awareness program. You can help them avoid falling for phishing emails by educating them on the difference between a legitimate email and one that’s not. You can also require them to verify their accounts with us before entering sensitive information online.

 

Use Email Authentication Protocols 


DMARC, SPF, and DKIM are email authentication protocols that you can deploy to protect your email against phishing attacks. They give recipients the ability to confirm whether an email seeming to be from a specific domain was sent by a mail server authorized to send emails on that domain’s behalf.
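The alignment logic those protocols rely on, as an added example that is not part of the course: given a receiver's Authentication-Results header, the From domain and the sender's published DMARC record, the code decides whether DMARC passes and which disposition applies. The sample header values and record are constructed, and the organizational-domain rule is simplified to the last two labels (real receivers consult the Public Suffix List).

```python
import re

# Constructed sample inputs (not taken from any real message or DNS zone).
LEGIT_AR = "mx.example.net; spf=pass smtp.mailfrom=bounce.example.com; dkim=pass header.d=example.com"
SPOOF_AR = "mx.example.net; spf=pass smtp.mailfrom=attacker.example; dkim=fail header.d=attacker.example"
RECORD = "v=DMARC1; p=reject"

def org_domain(domain: str) -> str:
    # Simplification: the last two labels stand in for the organizational domain
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """'s' (strict) needs an exact match; 'r' (relaxed) needs the same organizational domain."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if mode == "s" else org_domain(a) == org_domain(f)

def parse_auth_results(header: str) -> dict:
    """Extract the spf/dkim verdicts and the domains they were evaluated for."""
    out = {}
    m = re.search(r"spf=(\w+)\s+smtp\.mailfrom=(?:[^@;\s]+@)?([^;\s]+)", header)
    if m:
        out["spf"] = (m.group(1), m.group(2))
    m = re.search(r"dkim=(\w+).*?header\.d=([^;\s]+)", header)
    if m:
        out["dkim"] = (m.group(1), m.group(2))
    return out

def parse_dmarc_record(txt: str) -> dict:
    """Turn 'v=DMARC1; p=reject; aspf=s' into {'v': 'DMARC1', 'p': 'reject', 'aspf': 's'}."""
    return dict(t.strip().split("=", 1) for t in txt.split(";") if "=" in t)

def dmarc_evaluate(auth_results: str, from_domain: str, record: str) -> dict:
    """DMARC passes when SPF or DKIM passed AND that identifier aligns with the From domain."""
    tags = parse_dmarc_record(record)
    res = parse_auth_results(auth_results)

    def ok(kind, mode_tag):
        verdict, dom = res.get(kind, ("", ""))
        return verdict == "pass" and aligned(dom, from_domain, tags.get(mode_tag, "r"))

    spf_ok, dkim_ok = ok("spf", "aspf"), ok("dkim", "adkim")
    passed = spf_ok or dkim_ok
    # On failure the sender's published policy (p=) tells the receiver what to do.
    return {"pass": passed, "spf_aligned": spf_ok, "dkim_aligned": dkim_ok,
            "disposition": "none" if passed else tags.get("p", "none")}
```

Note that a bare SPF or DKIM pass is not enough: the spoofed sample passes SPF for the attacker's own domain, and only the alignment step with the From domain exposes it.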

 

We will return to in-depth explanations of these in the following modules.
