Five Red Flags of Phishing Emails (Think Before You Click)

by Nate Hoffelder

After a decade of running The Digital Reader, Nate is a veteran web publisher with experience in design, maintenance, recovery, and troubleshooting. What little he doesn't know, he can learn.

April 4, 2020

With scammers now weaving COVID-19 into their cons, now seemed like a good time for a refresher on how to spot phishing emails.


According to Wikipedia, phishing is “the fraudulent attempt to obtain sensitive information such as usernames, passwords, or credit card details by disguising oneself as a trustworthy entity in an electronic communication”.

To put it another way, phishing is when a scammer send you an email pretending to be a bank, retailer, or gov’t agency and tries to trick you into giving them money or info like a credit card number. They might also want you to click a link so they can hack your computer.

Scammers have adapted to the current crisis and are sending emails and IMs that claim the recipient owes fines for violating quarantine. The scammers are sending the emails en masse because they know someone is going to fall for it (and they are probably right).

Here are the red flags to look for so you don’t fall victim, and can instead put phishing emails where they belong.

1. Poor spelling and grammar

While occasional typos happen to even the best of us, an email filled with errors is a clear warning sign. Most companies push their campaigns through multiple review stages where errors are blitzed and language is refined. Unlikely errors throughout the entire message indicate that the same level of care was not taken, and therefore the message is likely fraudulent.

2. An offer too good to be true

Free items or a lottery win sure sound great, but when the offer comes out of nowhere and with no catch? There’s definitely cause for concern. Take care not to get carried away and click without investigating deeper.

3. Random sender who knows too much

Phishing has advanced in recent years to include ‘spear phishing’, which is an email or offer designed especially for your business. Culprits take details from your public channels, such as a recent function or award, and then use it against you. The only clues? The sender is unknown – they weren’t at the event or involved in any way. Take a moment to see if their story checks out.

4. The URL or email address is not quite right

One of the most effective techniques used in phishing emails is to use domains which sound almost right. For example, [microsoft.info.com] or [pay-pal.com]

Hover over the link with your mouse and review where it will take you. If it doesn’t look right, or is completely different from the link text, send that email to the bin.

5. It asks for personal, financial or business details

Alarm bells should ring when a message contains a request for personal, business or financial information. If you believe there may be a genuine issue, you can initiate a check using established, trusted channels.

While education is the best way to ensure phishing emails are unsuccessful, a robust spam filter and solid anti-virus system provide peace of mind that your business has the best protection available.


A single click can be the difference between maintaining data security and suffering massive financial losses, so it never hurts to be cautious.

If you get a suspect email, try to confirm its legitimacy through another source. Sometimes even posting a question on Facebook about the email, or doing a simple Google search, can save you from a terrible mistake.

Hi, I'm Nate.

I build and fix websites for authors, and I am also a tech VA. I can build you a website that looks great and turns visitors into fans, and I can also fix your tech when it breaks. Let me fight with tech support so you don’t have to.

My blog has everything you need to know about websites and online services. Don’t see what you need. or want personalized help? Reach out.

You May Also Like…


Submit a Comment

Your email address will not be published. Required fields are marked *

Skip to content