The Balance
How to Spot a Phishing Email
  • Investing
    • Basics
    • Stocks
    • Real Estate
    • Value Investing
    • View All
  • Credit & Debt
    • Building Credit
    • Credit Card Basics
    • Reducing Debt
    • Reports & Scores
    • View All
  • Retirement Planning
    • Basics
    • 401(k) Plans
    • IRAs
    • Social Security
    • View All
  • Banking & Loans
    • Basics
    • Best Savings Account Rates
    • Getting a Loan
    • Online Banking
    • View All
visit our other sites
Identity Theft
  • Theft Methods
  • Basics
  • Prevention Practices
  • Recovery
  • Business I.D. Theft
    Identity Theft Theft Methods

    How to Spot a Phishing Email

    • Share
    • Flip
    • Pin
    • Email
    By Jerri Ledford
    Updated November 17, 2018

    Phishing is one of the most prevalent identity theft scams you’ll encounter on the web. It’s estimated that more than 100 billion phishing emails are sent daily. Learn how to recognize them so that you don’t get caught by this common scam.

  • 01
    Recognize a Phish-y Email

    An example of a common phishing email

    Jerri Ledford 

    It starts with opening the email message. As soon as you open a message, you should begin to notice that some things aren't quite right. For example, the message in this item looks to be from a well-known banking institution—Capital One. Most banking institutions, however, don't send emails requesting customers to click on links or provide information.

  • 02
    Look at the Email Address

    phishing email address

     Jerri Ledford 

    Legitimate institutions that send email to their customers usually send them from an email address that’s associated with their website. In this message, the email address ends with ​​"@online.com."

    That’s your first clue that this might be a phishing email because the message claims to be from Capital One, which would probably have an email address ending with "@capitalone.com."

  • 03
    Beware the Urgent Ploy

    high important email notification

    Jerri Ledford 

    Phishers—the criminals who send emails trying to capture your personal information—use any means necessary to get you to respond, and that includes falsely marking email messages "Urgent."

  • 04
    Don't Click on Links That May Lead You Astray

    link in phishing email

     Jerri Ledford 

    All phishing emails have one thing in common: links that don’t lead where they appear to. Looking at the link in this email message, it appears to lead to ​"onlinebanking.capitalone.com."

    One way to tell if what you see is really where you’ll end up is to place your pointer over the link—but don't click it! A pop-up window like the one shown in the image above should appear with the real URL attached to the link. In phishing emails, this address rarely matches what’s displayed in the email.

  • 05
    Beware the Regular Maintenance Claims

    error in a phishing email

     Jerri Ledford 

    A common tactic used by phishers is telling email recipients that "regular maintenance" turned up an account error of some type. Don’t fall for this.

    If your credit card provider or banking institution finds errors in your account, you will most likely receive a letter in the mail explaining the situation.

    On rare occasions, you might receive a phone call, but even that isn’t likely to happen because of the risks to the creditor or banks that are involved.

  • 06
    Beware the Protection Claim

    confirm your account in a phishing email

     Jerri Ledford 

    Like marking a message "urgent" or "high-priority," another trick that phishers use is to play on your sense of vulnerability—for example, “Confirm your account now to stop fraudulent activity.” Bad move.

    Confirming your account usually means providing all of the identifying information that a criminal needs to gain control of the account. When in doubt, call the number on your credit card or banking statement.

  • 07
    Watch Out for Criminally Bad Spelling

    spelling error in phishing email

     Jerri Ledford 

    Have you ever seen a piece of mail from your credit card company or bank that included misspellings? Probably not. That’s because those companies pay big money for someone to proofread everything that goes out to customers.

    So why would those companies send out email messages that included misspellings and punctuation errors? They wouldn't. Errors of this kind are easy to spot and are sure indicators that an amateur is trying to steal your identity. 

  • House shaped mailbox or postbox

    Your Risky Mailbox: Identity Theft 101

  • Cyber crime computer keyboard

    Learn How IRS Form 5071C Can Help Your Identity

  • Tired, stressed businesswoman at laptop with head in hands

    Identity Theft Employment Scams

  • Common Types of Medical Identity Theft

  • Woman taking mail out of mailbox

    How Identity Thieves Use Your Mail to Profit

  • Account Takeover Fraud: Detection and Protection

  • Junk mail in mailbox

    Can Your Identity Be Stolen Through Junk Mail?

  • What is New Account Fraud?

  • How the Uber Breach Could Affect ALL of Your Passwords

  • Close up of address bar on internet browser

    Keep Your Computer Safe While Browsing the Internet

  • Identity theft in Asia

    Who Is Stealing Identities and How?

  • Pick pocket taking wallet

    Learn About Identity Theft and Watch Out for These Low-Tech Methods

  • a padlock on a computer keyboard

    What a VPN Does to Protect Your Computer, Identity, and Privacy

  • Internet Scams You Should Be Aware Of

  • facebook scammer

    Take Heed and Beware: Steer Clear of These 11 Facebook Scams

  • Data in the cloud

    How to Prevent Identity Theft With Focused Protection

Our Best Money Tips, Delivered
You're in! Thanks for signing up.
There was an error. Please try again.
Facebook Pinterest Twitter Flipboard Linkedin
  • Investing
  • Credit & Debt
  • Retirement Planning
  • Banking & Loans
  • About Us
  • Advertise
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
  • Careers
  • Contact
  • Editorial Guidelines
Also from The Balance Team
The Balance Small Business
The Balance Careers
The Balance is part of the Dotdash publishing family.
  • Lifewire
  • ThoughtCo
  • TripSavvy
  • The Spruce
  • and more