
Phishing emails: what to look for

24th June 2025

3.4 billion phishing emails* are sent each day: do you know how to spot them?

Phishing continues to be one of the biggest challenges in cyber security. It doesn’t matter how amazing your EDR system is or how robust your firewalls are: if a user is tricked into giving away their account information, they can be breached.

The best way to counteract this is through education and training: users need to know what to look out for so that they think twice before handing over these details. That is where we come in. Here are the signs in an email that make it highly likely to be malicious:

1. Mismatched links: links are one of the most common ways that bad actors can get malware on to your device. They can also create links that send you to fake sites where they can obtain your details. When you hover over a link, always check that it looks legitimate, i.e. it has the URL you expect. If not, don’t click!

2. Generic greetings: most of the time, you’ll get correspondence from people you know, or who are trying to contact you directly. However, if you think the greeting is a lot more generic (“Dear Sir/Madam,” or simply “Hello,”) then there is a good chance that a criminal has sent it to a wide group, and you should treat it as a phishing attempt.

3. Suspicious email domains: check who sent you the email – it may have a proper name with a company attached. If this is the case and you can find evidence of both the company and the person existing online, then chances are that the email is legitimate. On the other hand, if the details don’t turn up anything, or if the domain is just a series of random letters and numbers, there is a strong probability that it is a cyber-attack.

4. Unsolicited attachments: if you’re not expecting to receive a file, even from an email address you recognise (as these can still be breached) then it may contain malware. Hover over the file to get the full name – that will often reveal if it is a legitimate file or a clear danger.

5. Poor spelling and grammar: phishing attempts are often made by people who are not English speakers, so their spelling and grammar can be quite poor. Obviously, translation tools and now AI can assist with this, but still, read the email and see if it reads as you would expect. If not, treat it as a threat.

6. Requests for sensitive information: if you are being asked for personal details, particularly those connected to important accounts (financial or business related), then you should double check the source. Look up company policies for organisations like banks or the government, as they will only contact you in certain ways to ensure a higher level of security.

7. Urgency or threats: cyber criminals design phishing attempts to scare the victim. If you believe you must do something fast, you are more likely to panic and hand over information without considering what you are doing first. Remain calm, determine if the email is legitimate, then proceed.

Follow these steps and you’ll have the best chance of avoiding becoming a victim of a phishing attack. There are also ways to stop phishing attempts from getting to you, which we will cover in another article; in short, things like an email quarantine with defined rules to catch these attacks will help to prevent phishing from even reaching you.
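The hover check from point 1 can also be run automatically, as one rule of the kind an email quarantine might apply: flag any link whose visible text names one site while the underlying address goes to another. The Python below is an added example, not part of the original article; `mismatched_links`, its helpers and the sample email body are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text only counts as a URL when its host is shaped like a domain name.
DOMAIN_RE = re.compile(r"^[a-z0-9-]+(\.[a-z0-9-]+)*\.[a-z]{2,}$")

def _host(value, is_text=False):
    """Host of an http(s) URL, lowercased, or None. Link text may omit the scheme."""
    prefix = "http://" if is_text and "://" not in value else ""
    try:
        parts = urlsplit(prefix + value.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return None
    valid = DOMAIN_RE.match(host) if is_text else bool(host)
    if parts.scheme not in ("http", "https") or not valid:
        return None
    return host[4:] if host.startswith("www.") else host

class _Anchors(HTMLParser):  # collects (href, visible text) for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def mismatched_links(html_body):
    """(shown, real) host pairs where the text names another site; subdomains match."""
    parser = _Anchors()
    parser.feed(html_body)
    pairs = ((_host(text, True), _host(href)) for href, text in parser.links)
    return [(s, a) for s, a in pairs if s and a and a != s and not a.endswith("." + s)]

# Constructed sample body; every domain and address is a reserved example value.
SAMPLE = """<a href="https://login.example.com/reset">www.example.com</a>
<a href="http://example.com.account-check.test/reset">https://example.com/reset</a>
<a href="https://example.org/help">Click here</a>
<a href="http://192.0.2.10/portal">portal.example.net</a>"""

if __name__ == "__main__":
    print(mismatched_links(SAMPLE))
```

Links with ordinary wording such as "Click here" are not flagged by this rule, because the text makes no claim about the destination; those still need the manual hover check.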

If you are unsure if an email is authentic or not, contact your cyber security support: they can help you safely determine if the email is safe to interact with. If you don’t have a reliable cyber security provider, talk to Interfuture Security.

*https://earthweb.com/blog/how-many-phishing-emails-are-sent-daily/
