How to spot a phishing email

It's important network users know how to identify social engineering emails — otherwise known as a phishing email.

Why? Because one click on a bad link or one download of an infected attachment could bring a whole network down and wreck a business, especially if it is dependent on its network and data.

So how do you prevent such a disaster from happening? On top of taking the appropriate protective measures such as implementing firewalls, anti-virus software, back-up disaster recovery and business continuity systems for your network, among other measures, it's important for you and your other network users to function as the first line of defense against phishing attempts.

You do that by learning how to spot “phishy” emails and then using that knowledge whenever you consider clicking an email link or attachment.

Here is where you look and what to look for. 

The “From” field

Do you know the sender or their email address as being from someone with whom you usually communicate? If no, be wary.

Is the email from outside of your organization and not related to your work? If yes, that's suspicious.

Is the email from inside your company, from a vendor or from someone else with whom you interact but the content seems unlike them or interactions you’ve had with them in the past? If yes, tread carefully.

Is the email address’s domain extension misspelled or odd? Yes? Be careful.

Was the email unexpected? Watch out.

Do you not know or know of the sender? Again, be careful.

The “To” field 

Were you cc’d on an email to a number of people but don’t know the other people copied? If yes, regard this with care.

Was the email seemingly to a group of people, perhaps people with last or first names starting with the same letter or people across multiple departments for no apparent good reason? If yes, be wary.

The “Date” field

Was the email sent at an unusual time, like around midnight or shortly thereafter? Yes? Be careful.

The “Subject” field

Did the email you received have a subject that does not seem to pertain to the content. Yes? That's suspicious.

Is the message a response to an email you never sent. If yes, that's annoying and dangerous.


You place your mouse arrow or mouse hand over a hyperlink in the body of the email, but find the link is to a different address than the one indicated in the message. Yes? Watch out.

The email body is nothing but hyperlinks. No text. No explanation. No nothing. No kidding — stay away!

You get an email with a misspelled link. Be careful.


You are being told to click on a link or download an attachment, either to gain a reward of some kind or to avoid some negative consequence. Stay away.

The email is unusual and/or is badly written with bad grammar or spelling mistakes. Be very careful.

Something just seems phishy about the email. It's probably a phish.

The email supposedly notifies you of bad information or an embarrassing photo of you and urges you to click a link to see it. Don't click it!


The email bears an attachment for which you never asked, that doesn’t make sense and that you were not expecting. Annoying and likely dangerous. Avoid.

The attached file seems unsafe (is a PDF, Word doc, or some other file than a txt) and may even have been labeled as that by scanning software. If yes, stay away.


Now that you are forwarned, you are forearmed. Be the first line of defense. If it’s phishy, don’t bite. Otherwise you and your network could become someone else's lunch.

About R.K. Black, Inc.

R.K. Black, Inc. is an Oklahoma City-based, family-owned leading provider of office technology solutions to small and medium-sized businesses in Oklahoma and Kansas. We specialize in everything business technology from copier, fax, printer and scanner technology to document management, onsite paper shredding services, VoIP phone systems and managed IT support to video surveillance solutions.

If you want to learn more about us, feel free to explore the website, read our other blogs or click the button below to be contacted by one of our reps and tell you! Also, be sure to keep watching our social media channels on Facebook and Twitter for more business tips from our blog.