Norton UK Blog

« Back to Norton Blog

11 Ways to Spot a Dangerous Phishing Email

by Norton_Team

Your bank account has just been cleared out. It started simply.

You opened your email inbox and an email caught your eye. Your PayPal account needed to be verified, so you opened the email and clicked the link.

And just like that, you’ve been phished.

While the email might have looked like it was from a real person or company, you’ve fallen for a clever scammer’s trick. To help stop you from being phished, we’ve taken a look at 11 ways you can tell if an email is trying to steal your personal information.

Source: Shutterstock

1. You’ve won a prize in a competition you never entered

You know that part in Finding Nemo where Dory and Marvin are searching for Nemo and they end up in the depths of the dark sea? A bright light appears and Marvin and Dory are drawn to it. “It’s soooooo pretty,” Dory says.

The camera cuts wide to reveal a terrifying, screeching anglerfish that wants to eat our brave heroes. The anglerfish’s pretty light was a lure meant to snare unsuspecting fish. In this metaphor, the lure/anglerfish is a phisher.

Rule-of-thumb: if you haven’t entered a competition or signed up for information on special offers, and you get an email about a prize, the email is probably a phishing attempt.

While you might be captivated by the promise of a great prize, you need to be logical about it. If you didn’t enter a competition, how could you have won it?

2. The email is selling you something you didn’t sign up for

Emails selling credit cards, pills, loans, and the extension of certain body parts are usually sent straight to spam, but sometimes hackers can be extra sneaky. They’ll try and sell you something that you might actually want, like a new TV or phone.

If you didn’t sign up for what they’re selling, it’s spam. Delete it.

3. All-cap, urgent, and shout-y subject lines are a give-away

If you get an email in Gmail that you’re not sure about, you can hover over the name. The sender’s contact details will pop up, including their email address. If their email address looks like it was typed by a cat, it’s a massive red flag.

Who would ever use or remember an email address like this?

Source: 256 Media

4. If you’re being asked to act urgently, you’re either on a strict deadline in work or someone is trying to phish you

Unless it’s a sales email from a brand whose newsletter you’ve signed up for, or you’re in work, there’s no need for a time-limit on an email. Phishing emails sometimes emphasise urgency to create a sense of panic.

They might tell you that your email has been hacked or your bank account details have been compromised and you need to act NOW or else something very bad will happen.

Another tactic offers you an amazing deal that’s going to expire RIGHT NOW. You might even only have a few minutes to respond before the email disappears forever.

5. The email is generic and non-personal – or it’s personal but not from anyone you know

We don’t mean a newsletter you’ve signed up for. Even big companies like Netflix and Indiegogo don’t have the time and resources to send individual emails to everyone who’s signed up to their email updates.

Think about it: did you sign up for a newsletter or updates from the person or company? If you did, it’s fine.

A recent Indiegogo newsletter looks like this:

Source: 256 Media

If you get a generic email from a company or person that you didn’t sign up for, then chances are it’s spam, if not a phishing attempt. Phishing emails are usually sent out in batches to hit as many people as possible. They often don’t include any personalisation like your name.

The following is a pretty legitimate looking email newsletter that landed in my spam folder. What are the red flags?

·         I didn’t sign up for a small business loan.

·         The address (once Googled) is linked to a bunch of other scam emails.

·         The links, when hovered over, reveal a very long hyperlink—essentially, I have no idea where the links lead to and finding out is not a good idea.

Source: 256 Media

These types of dodgy newsletters are usually sent from accounts with generic names too, like Jane or John Doe. If the sender’s name is something you’ve heard a TV detective refer to a corpse as, that’s another red flag.

We’re about to contradict ourselves here, but personalised emails can be phishing mails too. Sometimes the hacker will use your email address to figure out your name. These emails tend to read as if they’ve been sent by a friend you haven’t seen for a while; they’ll usually start with a warm greeting.

The giveaway here is the contact details. Like we said above, if you hover over the sender’s name, their contact details will pop up. If the email address looks like gibberish or you don’t recognise the sender’s name, then it’s safer to ignore the mail.

6. There are links in the middle of the email

A link in the body of an email isn’t unusual, especially if you work in an office where people are constantly sending work stuff and Buzzfeed articles to each other.

Phishers will sometimes send a link within an email with the hope that you’ll click on it. How much trouble could one link cause you? A lot! Often, phishers will hide links. Let’s say the link is You could click the link and be redirected to another site entirely. The link could lead to just about anything. 

Source: Shutterstock

This website it links to may even look official. On the site, you might be asked to enter your bank account details, a PIN, or log-in information.

Writing for the Guardian, Liz Philips told the story of how she’d clicked a link in an email supposedly from Yahoo. Her email address was taken over by a hacker who mass sent a message to everyone in her contacts. The message asked friends to wire her a chunk of money as she was stranded in Ukraine.

Moral of the story: always be careful when clicking on links in emails, even if they’re from someone you know.

7. The email is poorly written or in garbled English

A massive red flag is a poorly written email. If you get an email from someone you don’t know, and it doesn’t make sense or is full of spelling and grammar mistakes, your best bet is to delete it.

8. The email is from your bank or credit union and they want important data

Your bank will never email you to ask for your personal information. If there’s a problem with your account, they’ll phone you. Banks are secure places and are usually careful about minding your private data so it makes very little sense for them to send you an email.

If you get an email and you’re not sure, give your bank a call.

9. They’re a big corporation and they’re asking for your data

In much the same way that’s it unusual for your bank to email you, it’s also unusual for a big company to directly email you.

Facebook, for example, does have email notifications. If someone tags you in a photo or mentions you in a comment, Facebook will send you an email to tell you that. But there’s a difference between sending you something like that and asking for any personal details.

The only time any corporation will ask for your log-in details is if you’ve forgotten your password and you want to reset or change it.

Source: Shutterstock

10. The email came with an attachment

Don’t open or download attachments unless you know exactly what they are—especially if they were sent by a stranger.

Attachments can contain viruses or other types of malware. If you’re sent an unexpected attachment from someone you don’t know, don’t open it. You might want to know what the attachment is, but downloading it could damage your computer.

Seeing what the attachment is just isn’t worth the possible hassle of malware or a phishing attempt!

11. The address in the email doesn’t match the company’s address

A quick and easy way to figure out if an email is from a hacker is to check the address listed at the bottom.

If you live in Yorkshire, for example, and a hacker has sent you an email from a local bank, you’ll figure out pretty quickly that’s it not right if you glance down at the address and see that it’s listed as being somewhere foreign. Same goes for foreign companies emailing you.

If you live in the UK, why is a US company emailing you about a local service?

What should you do if you think an email is from a phisher?

Delete it. Send it straight to your trash. Don’t pass go. Don’t collect £200.

If you don’t trust an email, your safest option is always to delete it. If you think you might have fallen for a phishing email, you’ll need to change any passwords and PINs you gave out. If you clicked on something you shouldn’t have while you were in work, let your boss know straight away.

We hope that these tips help you avoid potentially dangerous phishing emails. Feel free to share this resource with your friends and family.

This entry was posted on Thu Nov 05, 2015 filed under online security , online security tips and online threats

Stealing your identity can be easy. Good thing calling us is too.

Help with identity theft starts here. Trusted by millions of customers around the globe. Get Antivirus, Online Privacy, and in case of identity theft, Identity restoration support.

Get our award winning Norton protection

PC Mag:

A trademark of Ziff Davis, LLC. Used under license. Reprinted with permission. © 2022 Ziff Davis, LLC. All Rights Reserved

No one can prevent all cybercrime or identity theft.

The Norton brand is part of NortonLifeLock Inc.

Copyright © 2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.


Follow us for all the latest news, tips and updates.