Simple Rules To Spot a Phishing Email

phishing examples windsor

Cyber security tools have gotten much better at blocking things like viruses, trojans, worms and hackers from getting access to your information, so much so that cyber criminals have changed their M.O. to target the next weakest link in cybersecurity; YOU, the user.

Cyber criminals understand our human nature can itself be hacked, and they know how to do it.

Knowing how to protect your personal information and your business information is critical. Not only do phishing attempts put your company at risk, it will also put your personal information at risk as well.

Although the threat landscape is ever evolving with new tricks, hacks and techniques, these simple rules should help you identify the most common threats and prevent your personal information and your company from being compromised.


The purpose of a phishing email is to gain access to your personal information and your company’s network, by tricking you to click a link, download an attachment, or login to a fraudulent website which will grant the attackers access to your computer, or smartphone.

Although; these emails will look very close to their legitimate counterparts there are a few key details you should know to look for that will set off red-flags. 


If you get an unexpected, or urgent seeming email from what looks like a trusted company, make sure the “From:” email address is what you were expecting and spelled correctly. When in doubt search your inbox for previous emails to double check, or use a search engine and paste the incoming email address in. If the email is legitimate you will find it on the company's website.

Other the other hand, many times scammers will use the same or similar fraudulent email addresses, for the same campaigns and you might be lucky enough to find that someone else has already listed it as spam or a phishing email.

There are also free resources online to check if an email address is valid using, as well as to check if it has been reported to be used in a scam like or see what scams have been associated with that email with



If the message of the email is something very urgent, or unsettling and asks you to visit the link they provide, be very suspicious. Many scammers will try to play on your emotions to get you to act without thinking.

These can range from emails claiming that you've won a prize, a "Free" vacation, or threats like an audit, account termination, or account renewal.


Are there spelling, grammar or syntax mistakes? Large companies and organizations have people on staff to review materials before there sent to make sure spelling and grammar are good. The scammers creating phishing emails do not, and are often times not primarily english speaking. For these reasons it is always a good idea to review emails for these errors to determine the legitimacy of an email communication. Especially if it is asking for information, or for you to click a link or download a file.

Do they address you with a vague greeting like "Mr/Mrs" or "Dear Sir or Madam" or "To Whom It May Concern"? Unless this is a message you're expecting, and the tone is appropriate for the context. Most legitimate organizations know their audience, and will customize their greeting to either identify you by your first and/or last name or username, or will have a greeting that specifically identifies you as their customer.



If the previous rules don’t give you reason to dismiss the email as a phishing attack, a sure-fire way is to check the destination of any link they are directing you to. By hovering your mouse over a link you can check the destination it will send you (on most mobile phones you can press and hold on the link to see the destination).

What you want to look out for, is links that contain misspelled, or improper URLs like, or, when you are expecting the official address of a trusted entity. These unofficial websites are usually designed to trick you into providing cyber criminals with your login information, or secretly download malware onto your device.

When in doubt, it is always best to go to the official website directly, or by using a search engine.



Another common method cybercriminals are using to gain access to your computer is through attaching malicious files disguised as resumes, invoices, product catalogs and more.

The malicious files can hide within ZIP files, word documents, excel files, and even PDFs, which once downloaded will run a program that allows the attacker remote access to your machine.

Know as Remote Access Trojans or RATs; these programs provide cybercriminals with unlimited access to infected computers. Using your access privileges, they can access and steal sensitive business and personal data including intellectual property, personally identifiable information, saved passwords, and emails.

For more information about phishing attacks and prevention check out these resources:

Phishing and Malware Prevention

As an experienced IT service provider and consultancy, we can provide expert deployment of anti-malware and anti-spam solutions to prevent you and your employees falling victim to cybercriminals who look to steal your proprietary information and disrupt your business.

Join our newsletter to learn about business technologies with expert advice to help you empower your business and maximize IT productivity.

Are You Ready to Empower Your Business?

With our extensive experience in the IT industry, we know what solutions work and always put ourselves in the customers’ shoes. We don’t recommend anything unless we ourselves would do the same. Ensuring your success ensures our own success.

What People Say about Us

Netmon HQ

55 Edinborough St, Suite 200
Windsor, ON N8X 3C3

Tel. 519-944-8365
Fax 519-944-4867

Join Our Newsletter

Join our newsletter to learn about business technologies with expert advice to help you empower your business and maximize productivity.