The easiest way to recognize a phishing email

Learn how to spot a phishing email by checking links, grammar, and sender to avoid online scams.

Table of contents

  • What is a phishing email and why is it dangerous?
  • How to recognize a phishing email: the three-check rule
  • Real example of a phishing email analysis
  • What to do if you receive a suspicious email
  • How to prevent phishing

Phishing is one of the most widespread and dangerous online scams today. It is a scheme aimed at stealing personal data, passwords, or banking information through forged emails, often indistinguishable from authentic ones. These phishing emails can reach anyone: private individuals, companies, professionals, and even public institutions.

The goal is always the same: to push the recipient to click on a suspicious link, download an infected attachment, or enter their credentials on a fake website.

In this article, we’ll see how to recognize a phishing email in just a few seconds using the three-check rule: a simple but effective method that can save you from serious consequences.

What is a phishing email and why is it dangerous?

A phishing email is a fraudulent message pretending to come from a trusted sender, such as a bank, e-commerce site, or online service. To look credible, the scammer copies the logos, colors, and layout of the brand being impersonated.

Phishing attacks often exploit the sense of urgency (“Your account will be blocked within 24 hours”) or fear (“We have detected suspicious activity”). This pushes the user to react impulsively without stopping to check the details.

The main risks are:

  • Theft of login credentials for email, social media, or online banking.
  • Identity theft to commit further fraud.
  • Malware installation on the device.
  • Loss of money through unauthorized transfers or payments.

How to recognize a phishing email: the three-check rule

1. Check the link (without clicking)

A suspicious link is the first red flag of a fraudulent email. The visible text of a link can say anything (even “https://www.paypal.com”); the address it actually opens is the underlying href. Hover over the link (or press and hold on a smartphone) to view the real URL before doing anything else.

  • What counts is the registrable domain: the part just before the ending (.com, .net, etc.). If it is not the official one (e.g., “paypal.com”) or contains swapped letters (“paypa1.com”), it’s phishing. The brand name appearing earlier in the address is no guarantee: “paypal.com.secure-login.net” belongs to “secure-login.net”, not to PayPal.
  • Be wary of very long links, strings of random characters, or little-known domains (.xyz, .top, etc.).

2. Check the grammar and text quality

Many phishing emails are full of spelling mistakes, inconsistent sentences, or poorly done automatic translations. A legitimate company is unlikely to send such poorly written messages. The reverse does not hold, though: a well-written message is not proof of legitimacy, since some phishing emails are very well crafted, so treat this check as one more signal rather than a pass mark.

  • Frequent typos.
  • Incorrect or missing punctuation.
  • Wrong verb forms.

Tip: if the language sounds “odd” or too formal/stiff, it’s likely poorly translated from another language.

3. Verify the real sender

The display name (“Amazon Customer Service”) can be easily faked. What matters is the domain after the @ symbol in the actual address. Bear in mind that even that address can be forged (spoofed) when the impersonated domain does not protect its mail with SPF, DKIM, and DMARC; because protected domains get spoofed mail rejected, scammers more often register look-alike domains of their own.

  • If the domain is not exactly the brand’s official domain (e.g., “amazon.com”, or a subdomain of it such as “mail.amazon.com”), it’s suspicious. Merely “ending with amazon.com” is not enough: “notamazon.com” ends that way too.
  • Some scammers use very similar domains: “@amazon-support.com” or “@security-amazon.net”.

Real example of a phishing email analysis

Subject: “Your account will be suspended”
Sender: “support@amazon-login-secure.net”
Link: “http://amazon-verifica-info.com”

Analysis using the three-check rule:

  • Link: “amazon-verifica-info.com” is not amazon.com; the brand name inside the domain is bait.
  • Grammar: the sentence “to avoid suspension urgently click here” is unnatural and pressures the reader to act.
  • Sender: “amazon-login-secure.net” is not amazon.com, whatever the display name claims.

Verdict: phishing attack.
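The three checks applied by a script rather than by eye, as an added example that is not part of the original article: it parses a constructed message modelled on the worked example above, pulls the real address out from behind the display name and the real href out from behind each link, and compares their registrable domains with a small table of official domains. OFFICIAL_DOMAINS, URGENCY_PHRASES, HOMOGLYPHS and both sample emails are assumptions made for illustration; the grammar check is stood in for by a crude urgency-wording heuristic, since text quality stays a human judgement.

```python
"""Three-check triage of a suspicious email. Added example, not the article's code.
The sample messages are constructed (the first mirrors the article's worked example);
OFFICIAL_DOMAINS, HOMOGLYPHS and URGENCY_PHRASES are assumptions for illustration."""
from __future__ import annotations
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: brands we expect mail from, mapped to their real registrable domain.
OFFICIAL_DOMAINS = {"amazon": "amazon.com", "paypal": "paypal.com"}
# Digit-for-letter swaps used in look-alike domains ("paypa1.com" -> "paypal.com").
HOMOGLYPHS = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s"})
# Assumption: pressure phrases, a crude stand-in for the human text-quality check.
URGENCY_PHRASES = ("suspended", "within 24 hours", "suspicious activity", "urgently")

# Constructed message modelled on the article's example (not a real email).
PHISHING_EMAIL = """\
From: "Amazon Customer Service" <support@amazon-login-secure.net>
To: victim@example.com
Subject: Your account will be suspended
Content-Type: text/html; charset=utf-8

<html><body><p>We have detected suspicious activity. To avoid suspension urgently
<a href="http://amazon-verifica-info.com/login">click here</a> or log in at
<a href="http://paypa1.com/verify">https://www.paypal.com</a>.</p></body></html>
"""
# Constructed benign message for comparison.
LEGITIMATE_EMAIL = """\
From: "Amazon.com" <ship-confirm@amazon.com>
To: victim@example.com
Subject: Your order has shipped
Content-Type: text/html; charset=utf-8

<p>Track it at <a href="https://www.amazon.com/orders">https://www.amazon.com/orders</a>.</p>
"""

def registrable_domain(host: str) -> str:
    """Last two labels of a host. Simplification: wrong for suffixes like co.uk."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def impersonated_brand(host: str, display_name: str = "") -> str | None:
    """Brand that a host (or From display name) claims without being that brand's real domain."""
    reg = registrable_domain(host)
    for brand, official in OFFICIAL_DOMAINS.items():
        if reg == official:
            return None  # the genuine domain, or a real subdomain of it
        if brand in display_name.lower() or brand in host.lower().translate(HOMOGLYPHS):
            return brand
    return None

class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags: the href is what hovering reveals."""
    def __init__(self) -> None:
        super().__init__()
        self.links: list[tuple[str, str]] = []
        self._href: str | None = None
        self._text: list[str] = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw_email: str) -> dict:
    """Apply the three checks to one raw message; returns the findings and a verdict."""
    msg = message_from_string(raw_email)
    findings: list[str] = []
    # Check 3: the sender is the domain after the @, not the display name.
    display_name, address = parseaddr(msg.get("From", ""))
    sender_host = address.rpartition("@")[2]
    brand = impersonated_brand(sender_host, display_name)
    if brand:
        findings.append(f"sender {address} poses as {brand} but is not {OFFICIAL_DOMAINS[brand]}")
    # Check 1: judge each link by its real href and compare it with the text shown.
    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    extractor = LinkExtractor()
    extractor.feed(body)
    for href, text in extractor.links:
        real_host = urlparse(href).hostname or ""
        brand = impersonated_brand(real_host)
        if brand:
            findings.append(f"link {href} poses as {brand} but is not {OFFICIAL_DOMAINS[brand]}")
        shown_host = urlparse(text).hostname if text.startswith(("http://", "https://")) else None
        if shown_host and registrable_domain(shown_host) != registrable_domain(real_host):
            findings.append(f"link text shows {shown_host} but points to {real_host}")
    # Check 2 (crude): pressure wording; grammar and tone remain a human judgement.
    haystack = (msg.get("Subject", "") + " " + body).lower()
    hits = [p for p in URGENCY_PHRASES if p in haystack]
    if hits:
        findings.append("urgency wording: " + ", ".join(hits))
    return {"verdict": "phishing" if findings else "no red flags found", "findings": findings}

if __name__ == "__main__":
    for raw in (PHISHING_EMAIL, LEGITIMATE_EMAIL):
        result = triage(raw)
        print(result["verdict"], *("  - " + f for f in result["findings"]), sep="\n")
```

Run it directly to see the findings for both messages. The registrable_domain helper keeps the last two labels, which is fine for .com and .net but wrong for suffixes such as co.uk; a real mail filter would use the Public Suffix List, and would also read the Authentication-Results header to learn whether the sending domain passed SPF, DKIM and DMARC.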

What to do if you receive a suspicious email

Recognizing a phishing email is the first step, but knowing what to do immediately afterward is equally important. A quick, correct response can prevent data theft, unauthorized access, and financial loss.

1. Never click on links

Even a single click on a suspicious link can redirect you to a fraudulent site designed to steal credentials or install malware. Resist curiosity: never open links before verifying them. If you need to check information (e.g., account status), type the official address directly into your browser.

2. Do not download attachments from unknown senders

Attachments can contain viruses, trojans, or ransomware that infect your device and spread through your network. Executables (.exe, .scr), archives (.zip) used to smuggle them past filters, and Office documents with active macros (.docm, .xlsm) are particularly risky.

3. Report the email as phishing to your provider

Most email services (Gmail, Outlook, Yahoo) have a “Report phishing” option. This helps to:

  • Block further emails from that address.
  • Improve global spam filters.
  • Warn other users of the threat.

4. Delete the message after reporting it

Keeping a suspicious email in your inbox increases the chance of accidentally clicking it in the future. Once reported, also remove it from the trash folder.

5. If you clicked by mistake

Act immediately:

  • Change the password for the compromised account and any other account where you reused it, and sign out all other active sessions on that account.
  • Enable two-factor authentication (2FA): a stolen password alone is then not enough to log in. Prefer phishing-resistant methods (security keys, passkeys), since fake sites can relay a one-time code in real time.
  • If you entered banking details, contact your bank immediately to block or monitor suspicious transactions.
  • Run a full antivirus scan to remove any malware.

How to prevent phishing

Prevention is the key to avoiding becoming a victim of an online scam. Many attacks can be avoided by adopting safe digital habits and effective security tools.

1. Use antivirus software with anti-phishing protection

A good antivirus does more than block viruses and trojans; it also includes filters that:

  • Intercept malicious websites before they load.
  • Scan attachments in real time.
  • Flag dangerous links in emails.

2. Enable spam filters

Spam filters drastically reduce the number of suspicious emails that reach your main inbox. Many providers update these systems daily, but they must be kept active and properly configured.

3. Always update your browser and operating system

Security updates close vulnerabilities that cybercriminals exploit for phishing and malware attacks. Outdated devices are easier to compromise.

4. Use complex, unique passwords

Using the same password for multiple services is a huge risk: if one account is compromised, all the others become vulnerable.

  • Choose long passwords with uppercase and lowercase letters, numbers, and symbols.
  • Consider a password manager to store them securely.

5. Train employees if you work in a company

Corporate phishing is one of the main causes of data breaches and can lead to significant financial and reputational damage.

  • Organize regular training sessions.
  • Run simulated phishing tests to assess staff readiness.
  • Define clear procedures for reporting suspicious emails internally.

Questions and answers

  1. What is phishing?
    A scam technique that uses fake emails to steal personal data.
  2. How can I tell if an email is phishing?
    By checking the link, grammar, and sender.
  3. Can I open a phishing email without risk?
    Opening it is normally safe in a modern mail client; the danger lies in clicking links, opening attachments, or entering credentials.
  4. What should I do if I click by mistake?
    Immediately change passwords and enable two-factor authentication.
  5. Can phishing come via SMS?
    Yes, it’s called smishing.
  6. Can the sender be forged?
    Yes, that’s why you should check the domain after the @ symbol.
  7. Does antivirus block all phishing emails?
    No, but it can filter many threats.
  8. Are phishing emails always full of errors?
    Not always; some are very well crafted.
  9. Can I report a suspicious email to the police?
    Yes, through the official cybercrime reporting portal.
  10. Are there courses to learn to recognize phishing?
    Yes, many cyber security companies offer them online.