How to spot spam/ phishing emails

If you’re lucky, your email server has probably become fairly good at spotting spam emails. But sometimes you’ll still see the odd suspicious email arriving in your inbox. So how can you tell if an email is real or not?


Look at the email address.

Has this person ever emailed you before? If the email has been sent from a free email provider (such as, etc.) and you don’t recognise the sender/ are not expecting to receive anything, be suspicious. If the email is supposedly from a massive corporation like Microsoft, the ‘from’ address would probably be something along the lines of If there are a load of random characters or numbers before the ‘.com’ it’s not from them. Another good thing to check is that the name appears in the ‘from’ box matches the actual email address… if the name says ‘Elizabeth Smith’ but the email address is ‘’ be very wary.

Look at the subject line.

Dodgy emails often have phrases such as; ‘urgent’, ‘action required’, ‘important’ in the subject line… Such subject lines give you a sense of fear and make you want to check what’s in the email in case it is in fact an ‘urgent’ matter for attention. However, it’s probably fake. It’s very unlikely that anyone would try and communicate this sort of thing with you via email, without having written to you or telephoned you to advise first.

Look at the greeting.

If you haven’t been able to confirm from the email address whether the email is safe or not, click on the email. Check how you are addressed in the email. If an email has come from an unknown email address and they don’t know your name, it’s fairly likely it’s spam. If the email is apparently from a company and you are addressed as ‘Dear valued customer’ or ‘member’, be suspicious. Most organisations like you to feel valued and take the extra effort to ensure that they address you by your name.

Look at the content.

Is the email full of spelling and grammar mistakes? If so, it’s not real. Most companies care about the information they send out and would never send out an email riddled with inaccuracies. Are there links in the email? If so, don’t click on them. Hover your cursor over the link (but DON’T click on it) and this will show you the destination of the link. If it looks a bit weird and is full of different characters or doesn’t seem to match what the link is supposedly for, chances are it is a phishing attack. If in doubt about a link, open a new web browser page and type the address directly into the URL bar – don’t copy and paste or click on it directly from the email. If the email is reportedly from a company and contains just a link, but no contact details, don’t fall for it – most companies want you to be able to contact them and would include alternative contact methods in the email.

Maybe the email is claiming you’ve won a competition? Do you remember entering the competition in question? If not, ignore it and remember that if it’s too good to be true, it probably is.

You need also to be wary of an email coming from a friend or relative’s email address saying that they are in trouble and need you to send them money. If you think it might be a legitimate request for help, find another way of contacting the person in question to verify the situation. If this is not possible or you still want to be on the safe side, if money is requested for something in particular (for example, to pay for an extra 3 nights in a hotel) offer to call the hotel and pay directly, instead of electronically transferring any money. If it is a scam, they’ll probably be pretty insistent on electronic money transfers.

Is it asking for you to reply with personal details? Don’t do it! Nobody will ever ask for personal details by email. If in any doubt, contact the person/ company asking for the details by phone or in person to verify why and what details they need. Don’t call any numbers within the email, find the number online or from some trusted documentation you have received previously from the company in question.

Does the email have attachments? Watch out and don’t open any attachments you don’t trust. Unfortunately, malicious attachments containing viruses and malware are all too common. Be extra wary if the attachment is a ‘.zip’ file as these can contain multiple files, and the contents are not visible until extracting them from the zip file. Another one to watch out for is ‘.exe’ – this stands for ‘executable’ and runs/installs something on your machine when you click on it.

Have you received a strange email from a trusted contact’s email address?

Or maybe it’s not the first nonsense-quite-probably-spam email you have received from them recently. Contact the sender immediately (either by new email or alternative means of contact), chances are their email may have been hacked and until someone like yourself points it out, they may well not be aware.


You’ve probably got a pretty good idea by now whether the email in front of you is spam or not. Think it’s spam and not sure what to do next?

Most email providers have a ‘report spam’ or ‘report phishing’ button, which is the easiest way to report the email. If the email is reporting to be from a particular company, but is quite clearly spam, you can report it to the actual company that the spammer is mimicking. In addition, the UK’s national fraud and cybercrime reporting centre is Action Fraud and has a ‘scam emails’ section with a telephone number and online reporting option so that you may alert them of the threat. Most importantly, if you have a spam email, don’t reply to it or hit an ‘unsubscribe’ button. If you do, you are confirming to whoever is at the other end that your email account is active and have very likely just opened the door to a lot more spam in the future.


Stay alert and stay safe!

If in any doubt, feel free to contact PCs PCs on 01458 833900, or pop in to our service centre in Glastonbury High Street to have a chat.


Posted in News and Info.