Hot topics

How to avoid phishing email attacks

© nextpit

Phishing is a common form of cyber crime which involves having your identity, login details or other information stolen, often by email. If you've gotten any suspicious emails claiming to be from a bank or reputable company that ask for sensitive personal or financial information, including a link to a website where you're supposed to give that information, it could very well be a trap set by thieves.

Many times, these phishing emails are easy to spot because your email service provider will automatically filter them to the spam folder. But this doesn't catch 100% of them all the time, so it's important to know what to be on the look out for. How do you know if an email is sent by a cyber criminal? Keep reading to find out.

Don't open any links

Phishing works by the criminal sending you an email claiming to be a reputable company, often with a link to a page where you're supposed to put in your info. Always check the name of the sender, the email address, as well as the URL's HTTPS verifications, which your browser will display. But, if an email looks suspicious, there's probably a good reason for that and you should just not open the link at all.

phishing 3
The HTTPS information guarantees that the second URL is the real deal, but it doesn't mean the page is safe. / © ANDROIDPIT

Look at the small details

A successful phishing attempt is all about details, as that's how criminals gain your trust. However, if you catch mistakes in the email before even getting to the page where they're trying to steal from you, you can avoid all that hassle. Often, you can spot little mistakes in the initial emails, for example: plain text (no graphics or formatting), the sender is using an unofficial email address ( or spelling and grammatical errors ("helo, sir or madem").

gmail phishing
Sometimes, Gmail and Google will help filter out phishing emails or warn you of suspicious links. / © Google

Look out for threats

Sometimes cybecriminals try to scare you into opening and responding their fraudulent emails. For example, "If you don't reply to this email or update your password in the next three days, your account will be deleted". Don't worry, nothing will happen if you don't respond. In fact, it's extremely rare for any company to contact users via email about personal or financial information.

Stay alert and keep your eyes open

The last line of defense against phishing is yourself. As simple as it sounds, your own vigilance is the most effective way to stay safe. The email may be well written, have no spelling mistakes, the colors of the company logo may be legitimate, the URL and email address may seem reliable, but if you think something smells fishy, trust your instincts. Do not answer the email. Instead, if you think someone is impersonating your bank, for example, call the bank directly and check the accuracy of the information you have received. Once you talk to them, and they confirm that the email is fraudulent, mark the email you received as spam.

Has phishing ever happened to you? Tell us in the comments.

The best smartphones under $1,000 

  Editor's recommendation The best iPhone The best camera phone Value for money The best foldable The most affordable
  • $799
  • $799
  • $999
  • $599
  • $999
  • $499
Picture Samsung Galaxy S24 Product Image Apple iPhone 15 Product Image Google Pixel 8 Pro Product Image Nothing Phone (2) Product Image Samsung Galaxy Z Flip 5 Product Image Google Pixel 7a Product Image
Review: Samsung Galaxy S24
Review: Apple iPhone 15
Review: Google Pixel 8 Pro
Review: Nothing Phone (2)
Review: Samsung Galaxy Z Flip 5
Review: Google Pixel 7a
Go to comment (3)
Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing

  • 28
    itprolonden Mar 14, 2018 Link to comment

    I find social attacks are more useful.

  • Albin Foro 30
    Albin Foro Mar 14, 2018 Link to comment

    Using email since the early 90s, the most effective anti-phishing technique is to keep at least one nonsense email address for casual logins, e.g. to this site, and strictly confine a couple of "real me" email addresses to known meatware contacts e.g. family, friends / employment and serious commercial relations. Segregated "Real me" email won't normally get onto the mass mail garbage lists, and any fraud mail (from a "bank" or whatever) to a nonsense address is obviously garbage. I'd also add to the above article, that most email readers will let users expand the sender-information field, and that reveals the "named" financial or business sender is really some ridiculous and impossible junker. I use the police "Crime Stopper" web site to report phishing as well as nuisance SMS messages, looking for a subject heading the police will pay attention to. No repeats.

    • 28
      itprolonden Mar 14, 2018 Link to comment

      That's not 100% reliable

Write new comment:
All changes will be saved. No drafts are saved when editing