Email: Before You Click
December 2022


Cybercrimes are on the rise. Bad actors are getting more sophisticated, and you may even receive an email that seems like it’s from someone you know and trust. The email could also contain familiar content, such as an attached authentic previous email chain between you and someone you trust.

To avoid becoming a victim, review the email for the following warning signs:

Urgent or Threatening Language

If it’s a real emergency, it wouldn’t happen over email.

What to look for:

  • Does the email urge you to take immediate action?
  • Are you being pressured to respond quickly?
  • Does the sender threaten to close your account or take legal action?

Information Mismatches

Most phishing emails have clues that indicate the message is spam.

What to look for:

  • Does the email address match the sender’s name?
  • If you’re receiving an email from an internal employee, is the email address their work email address?
  • If you see a link, hover over the link with your cursor (do not click it): does the hyperlink look like an official or legitimate website link?
  • Do you see any typos, grammar errors, blurry logos, or something that doesn’t look like it was sent by your internal office, or a legitimate organization? Does the email have little, poor, or no formatting?

Unexpected Emails

If you weren’t expecting to receive an email from someone, it’s likely not from the sender.

What to look for:

  • Are you receiving receipts for items you didn’t purchase, or updates on deliveries you didn’t order?
  • Is the sender sending an email you already received in addition to their message?

Requests for Sensitive Information

If someone is asking for personal information through email, they shouldn’t be trusted with it, anyway.

What to look for:

  • Are you being asked for financial information, or for payments?
  • Does the sender request to update your account information?
  • Are there links directing you to login pages?

Suspicious Attachments

Be sure to review the email and the sender before clicking on an email attachment. Reach out to the sender through a different channel to ask if they sent the attachment if you’re unsure.

What to look for:

  • Did you ask for an attachment from this person?
  • Does the file use a weird name?
  • Is the file an uncommon file type?

Anything Too Good to be True

Be wary of deals and contests that sound too good to be true, especially if it’s one you didn’t enter.

What to look for:

  • Are you being offered a prize for a contest you didn’t enter?
  • Are you being asked to pay to receive something?
  • Is the sender offering inheritance from long-lost relatives?