Phishing is not a new phenomenon – it has been the most common attack vector for cybercriminals for a number of years – but, due to the increasing complexity of phishing scams, knowing how to spot a phishing email is becoming more important than ever before.

1. Emails with Bad Grammar and Spelling Mistakes

Another way to spot phishing is through bad grammar and spelling mistakes. Many companies apply spell-checking tools to outgoing emails by default to ensure their emails are grammatically correct. Those who use browser-based email clients apply to autocorrect or highlight features on web browsers.

2. Emails with an Unfamiliar Greeting or Salutation

Emails exchanged between work colleagues usually have an informal salutation. Those that start “Dear,” or contain phrases not normally used in informal conversation, are from sources unfamiliar with the style of office interaction used in your business and should arouse suspicion.

3. Emails Demanding Urgent Action

Emails threatening a negative consequence, or a loss of opportunity unless urgent action is taken, are often phishing emails. Attackers often use this approach to rush recipients into action before they have had the opportunity to study the email for potential flaws or inconsistencies.

4. Emails Requesting Login Credentials, Payment Information or Sensitive Data

Emails originating from an unexpected or unfamiliar sender that request login credentials, payment information or other sensitive data should always be treated with caution. Spear phishers can forge login pages to look similar to the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page or told a payment is due, they should refrain from inputting information unless they are 100% certain the email is legitimate.

The best way to avoid phishing scams is to take precautions before clicking on any suspicious links or opening any suspicious attachments. Be sure that you know who you are communicating with before sharing any personal information such as your social security number, credit card number, or home address.