How to Identify a Phishing Attack on your Business

Email Security

Four Signs You’ve Received a Phishing Email!

Spam/Junk emails are an ever-present nuisance in today’s work environment. The sheer number of potentially unnecessary emails is unprecedented. In spite of this, many users still get caught out when it comes to identifying and mitigating the risks involved with junk emails. Particularly in the case of phishing emails, where a user is tricked into interacting with an email. This may be by clicking a link or by inadvertently handing over passwords or sensitive information, including financial. However, there are some simple ways you can combat their traps.

What to look out for when analysing your inbox and identifying a phishing email.

Malicious Links

A tell-tale sign that you’ve received a spam/phishing email will be when you’re provided with a plethora of links to click on. A bare hyperlink (blue, underlined text) are the most obvious. However, more evolved links will be buttons that ask you to “Sign In” or Log in now”. These buttons or links will often take to you to a nefarious web page, which from there will more than likely compromise you. Building on from this point, if you see a link within an email, if you are particularly careful, you can hover (rather than click!!!) on a link to get a preview of where the link is likely to take you too, helping to identify the site. Admittedly, you need to be very careful in doing this. If you are unsure, it’s best not to interact with the email at all.

Sender Address

The first step you should do after avoiding any links is to check the addressee or sender of the email. Near the subject of the email will be the name and email address the message has originated from. The actual name (e.g. John Doe) of the sender is normally more inconspicuous, whereas the email of the sender can be an identifiable in terms of not being legitimate. For example, if Microsoft Office were to send you an email, it could come from a variety of addresses (it’s a big company after all). However, they will normally contain something along the lines of: Microsoft, MSFT, Office, etc. If instead of this, the email was or or, it’s probably not going originate from Microsoft themselves. There’s not a one size fits all approach here, but normally the email will have identifiable pieces such as a 0 (zero) in place of an O (the letter).

Unrecognised attachments

Again, if an email has an attachement, it’s always worth checking things first before jumping straight in. Even if you recognise both the sender name and email address, their account may well have been compromised. Therefore, opening an attachment could be fatal. As downloading an attachment is more of an actionable process, attachments can often be an afterthought, but are still something you need to be aware of. Check the name of the file – is it logical, does it make sense? If somebody was sending you an invoice, yet the attachment was called “B4dF1l3.exe” instead of “Invoice” would you download it? The name is often a good starting point in terms of piecing together the clues to prevent compromises. Additionally, checking the file type is again an important part. Using the Invoice example again, if you receive all your invoices as PDFs but instead had now received an Excel document instead, would alarm bells ring? If you don’t recognise the file type, don’t download it. You can always ask if you are unsure.

Spelling mistakes

Another easy spot with junk emails is that the language used is often grammatically incorrect, contains spelling mistakes, or contains vocabulary not often used by the sender. For the latter, this is more relevant if a person you know has sent you an email that you believe to be spam. Again, potentially meaning their account has been compromised. For generic, random emails that you believe to be spam, the email may be littered with spelling mistakes or sentences that don’t make sense. If this is the case, best to delete or mark the email as junk.

What else should I do to prevent an attack?

All of the parts we’ve covered can combine together to hopefully let you know that you have been the target of a spam email. Whether that be a targeted phishing attempt or otherwise. This isn’t necessarily the be all and end all of what you should be looking for. Simply the more common tropes you find among spam email. For a more comprehensive look at what exactly the purpose of spam email is, or to discuss cyber security topics in more detail, contact us on 0800 6521 365 or alternatively visit our website at We also have cyber security Training available at

Free Guide: Understanding Team Email Security

Just ‘how secure’ is standard email security? Understand the common vulnerabilities, the risks to your business, and how to combat them.