How to Spot a Phishing Email | Spot Fake Emails

As email servers advance, so do their spam filters. But when a suspicious email gets through, how do you know if it's real or fake? It can be difficult to determine, especially if the sender seems to have personal information about you. But don't let that fool you; spammers continually find new ways to evade filters and so users must find new ways to identify spam and spot phishing emails. In this article, learn how to spot whether an email is real or fake using a simple four-question checklist.

Four questions to identify a phishing email

The number of emails we exchange daily makes it difficult to keep up with a clean inbox. Even with quality spam filters, you’ll probably occasionally receive a fake email or two. It happens, especially with the rise of phishing email and email address generators; the important thing, however, is that you know what to look for in these emails so that you aren’t fooled.

If you get an email in your inbox that seems suspicious and want to know how to tell if an email is fake, ask yourself these four questions:

  1. What is the subject of the email? Is it clear and relevant or is it vague?
  2. Does the sender’s address match the name of the signature? Check to ensure that the sender's name matches their email address. Many spam senders use burner emails or claim to be someone else.
  3. What does the body of the email contain? Analyze the content for sensibility and cohesiveness. Does it raise any red flags? Consider the content in light of who the sender claims to be.
  4. How are the grammar and tone? Poor grammar or tone doesn’t immediately mean an email is fake. Consider it in context. Is the email coming from a professional source? Does the sender claim to be your sister even though the tone sounds nothing like her? These are what you should look for in the message.

These four questions provide a general guide for analyzing emails, as most fake emails will raise the alarm on at least one of the queries.

Analyzing a fake email

Now that you know what to look for in theory when detecting phishing emails or fake messages, let’s analyze two examples.

Personal fake email example

Take this email sent by a woman claiming to be named Elena.

how to tell if an email is fake

Let’s go through and consider:

  • What is the subject of the email? In this case, “hi there” could mean an individual in need of support or emailing with a general question. It’s difficult to determine exactly what the person wants from such a vague line. However, that vagueness coming from someone who isn’t an acquaintance or previous email contact could be a red flag.
  • Does the sender address match the name of the signature? The email appears to be sent by Elena, but the email address is [email protected]. This is an immediate red flag; not only do the names not line up, but this appears to be a throwaway email address. Though throwaway emails are not always negative, it’s best to always be cautious when responding to one.
  • What does the body of the email contain? The email appears to be from a woman seeking to know more about the recipient based on social media or another type of profile. However, note that the sender requests responses at another address: [email protected]. This is another red flag, as this email address doesn’t match the original sender address.
  • How are the grammar and tone? Though bad grammar or strange tones aren’t incriminating, they can be used to determine the legitimacy of a message. This email contains several grammatical errors, and the language is somewhat unclear.

The mismatched addresses and vague subject, combined with the grammatical mistakes and strange wording of this email, indicate that it is a fake email.

Professional fake email example

The previous email was sent with more personal intentions, but businesses send fake emails as well. Consider this email sent by a company claiming to work in search engine optimization (SEO):

A fake email sent about SEO services

It was caught by spam filters, but what if it hadn’t been? Again, consider these four questions:

  • What is the subject of the email? Both “S.E.O” and “More Info” are incredibly vague, especially coming from a sender claiming to be part of an established business.
  • Does the sender address match the name of the signature? The person consistently refers to themselves and signs off as “David,” but the email is [email protected], which doesn’t match up.
  • What does the body of the email contain? A quick glance at this email may make it seem like just another marketing email; the person is reaching out to the recipient, offering their services, and asking for a response. However, keep in mind that this is supposed to be a professional email from a business reaching out to another business. The sender does not state their company name – or the recipient’s, for that matter. The sender speaks in vague terms and offers no identifying information or qualifications. These are all red flags and indicate a phishing attempt.
  • How are the grammar and tone? Again, though not an outright problem, the grammatical issues in this email raise a red flag, given the context.

Just like in the previous example, given all the red flags detected in this email, we can determine that it’s a fake email.

What to do if you receive a phishing email

Once you recognize a phishing email, the best course of action is simply to delete it. Replying or unsubscribing lets the sender know that your email address is still active. They may continue trying to reach you through the address. You also risk having your email address sold to other scammers for other phishing messages if it’s known as an active address. This is obviously a threat to your email security, but it's also a wider threat to your cybersecurity.

Make sure you don't click any links in the email or provide sensitive information, like phone numbers or bank account data, in response to the messages. Though the sender may create a sense of urgency in their message, it's not legitimate; these phishing attacks are meant to get information, money, or other resources from recipients.

If you do spot a phishing scam email and absolutely must take it a step further, you can learn how to trace an email using the email header analyzer tool. You’ll get more information about the sender using the tool, which in turn can help you find out where the email came from.

Author

Written by Lizzy Schinkel & WhatIsMyIP.com® Editorial Contributors

Lizzy is a tech writer for WhatIsMyIP.com®, where she simplifies complex tech topics for readers of all levels. A Grove City College graduate with a bachelor’s degree in English, she’s been crafting clear and engaging content since 2020. When she’s not writing about IP addresses and online privacy, you’ll likely find her with a good book or exploring the latest tech trends.

Reviewer

Technically Reviewed by Brian Gilbert

Brian Gilbert is a tech enthusiast, network engineer, and lifelong problem solver with a knack for making complicated topics simple. As the overseer of WhatIsMyIP.com®, he combines decades of experience with a passion for helping others navigate the digital world.