How to Spot a Phishing Email: 10 Warning Signs Everyone Should Know

Every single day, millions of phishing emails land in inboxes around the world. These carefully crafted fake emails impersonate your bank, Amazon, PayPal, or Netflix — with one goal: to steal your personal information, passwords, or money.

The good news? Once you know what to look for, phishing emails are surprisingly easy to spot. Here are the 10 warning signs every person should know.

The sender’s email address looks wrong

This is the single most reliable way to identify a phishing email. Scammers use display names that look completely legitimate — “PayPal Customer Service” — but the actual email address behind that name tells a completely different story.

Always tap or hover on the sender name to reveal the real address. A genuine PayPal email will always come from @paypal.com. If it ends in @paypal-secure-login.com or @gmail.com — it is fake, no exceptions.

Sense of urgency or panic

Phishing emails are engineered to make you act before you have time to think. Watch for phrases like “Your account has been suspended — act immediately” or “Unusual activity detected — verify your identity now”. Legitimate companies do not create panic to force clicks.

Spelling mistakes and odd grammar

Professional companies proofread every customer communication. Phishing emails frequently contain multiple spelling mistakes, awkward phrasing, or sentences that do not read naturally. Read the email out loud — if anything sounds off, treat the whole thing with suspicion.

Generic greeting

Your bank knows your name. Any company you genuinely have an account with will address you personally — not “Dear Customer” or “Dear Account Holder”. A generic greeting is a clear sign the message was mass-sent to thousands of addresses at once.

You are asked to click a link

Before clicking anything, hover over links to preview their destination. A real Amazon link points to amazon.com. A fake one might point to amazon-account-verify.net or amaz0n.com. Look for misspellings, extra words, or unusual domain extensions.

An unexpected attachment

If you were not expecting a file, do not open it. Phishing attachments disguise themselves as invoices or shipping confirmations. Be especially cautious of .exe, .zip, .docm, and .xlsm files.

It asks for personal information

No legitimate company will ever ask you for your password, full credit card number, or PIN by email — ever. If an email requests this information, regardless of how convincing it looks, do not provide it.

Email from a free email service

Your bank does not send security alerts from barclays_support@gmail.com. Genuine business communications always come from professional email domains matching the company name exactly.

Offer seems too good to be true

You have won a competition you never entered. You are owed a tax refund. A wealthy stranger needs your urgent help. If an email offers something that defies belief — it does not believe in you either.

Something feels off

Trust your instincts. If something about an email makes you uneasy — a slightly wrong logo, an unusual tone, a domain name that is almost correct — that feeling is worth taking seriously. Scammers work hard to create urgency to override your better judgement.

What to do when you receive one

• Do not click any links or open any attachments
• Do not reply to the sender under any circumstances
• Mark it as spam or phishing in your email application
• Delete it permanently
• If unsure, contact the company directly via their official website
• If you accidentally clicked a link, change your password immediately and enable two-factor authentication

Phishing emails depend on panic and inattention. Now that you know all ten warning signs, take three seconds to check the sender address on every email that asks you to do something — that one habit will protect you from the vast majority of phishing attacks.