Want to spot a phishing email and nip it in the bud? The easiest way to do that is by installing an anti phishing chrome extension which would help you detect the malicious sender instantly without even clicking on the message. Others include looking at the details of the message and giving instructions as to what actions must be taken manually. Brief explanations of signs which point towards a phishing email have been given below.

1. Weird Domains

First of all, all properly established organizations use their official domains for sending and receiving professional emails. If you see an email with a weird domain name attached to it at the end such as 123.com, be aware that it is not from the original organization.

An example to illustrate this would be you receive an email from your financial services provider asking you to re-enter your credentials. Ideally, the email address should consist of the official name of your financial series provider at the end of their domain, that is, @Paypal.com or @Skrill.com. However, if the email ends in a domain name @123.com or @blackmonkey.com then it is not from your services provider at all. It is from a scammer trying to get you to open the link and enter your sensitive information for being scammed.

The domain names mentioned above as examples are not even remotely close to the ones real-life scammers use. Real-life scammers are pro at playing games and would use fake domain names by altering the capital letters with small letters like @paypal.com instead of @Paypal.com, etc. This means that it will always be a close call and difficult to identify. Hence, installing an anti-phishing chrome extension would be a great choice to help you out with identifying the scammers.

2. Wrong Spellings & Grammar

The second sign is that scammers or hackers usually have bad grammar and spelling skills. This shows in their phishing emails too. Professional organizations take care of their grammar and spellings bloopers to create and maintain their brand image. On the other hand, these scammers know nothing better than their already designed grammar-deficient email.

When you see an email flooded with grammar errors and spelling mistakes, simply report and block it because there is no way it could have been sent by a properly functioning organization.

3. The Personal Information Request

The third sign to tell a phishing email from a real one is the request for providing personal information over email. No professional organization asks its customers to input personal information over email. All of them have proper mechanisms to follow through such requests which include manual confirmations, phone calls, and oftentimes physical visits.

4. The Unsolicited Attachment

The fourth sign of a phishing email is that it is usually accompanied by an unnecessary attachment. Users can be persuaded to open the attachment by making false claims such as ‘You won a so and so prize’. Open this file to see details.’ The attachment might contain the malware or other malicious software and as soon as a person clicks on it, poof! The malware loads itself into your system.

The best way to respond to such emails is to, first of all, realize did you actually take part in any contest or lucky draw to win such prizes. Secondly, check the email for the signs mentioned above. Thirdly, report, and block such senders.

5. Absurd URLs and Fake Urgency

The last signs of telling a phishing email from a real one are the inclusion of absurd URLs and causing fake urgency. A proper organization has a proper website. They do not need www.forgetmenot.com kind of URLs to lure you into their hacking tricks. Secondly, the message within the email would be instilling fake urgency as in you need to click now or the offer will expire in 2 hours to claim your credit. It is obvious that they want users to click on the links in the email as soon as possible without having time to realize their scam.

In addition to these, professional organizations refrain from sending emails from generic domains such as @gmail.com. They always use their company’s professional domains while conducting professional communication online.


Spotting phishing emails is easier; however, preventing them from causing harm requires effort. The organizations must install antivirus or anti-phishing software and educate their employees to stay updated about the newest tactics used by online goons.