According to Webroot, a phishing attack involves sending a seemingly legitimate email that directs the recipient to visit a fraudulent link for the purpose of stealing information. This can include things like credit card numbers, banking information, and account passwords, and many companies and their employees are subject to surprisingly effective phishing scams to collect sensitive data. Being able to identify a phishing email is the first step towards protecting your business from cybercrime.
Grammatical and spelling errors
When you receive a multitude of emails on a daily basis, chances are you don’t fully read many of them. While expedient, scanning emails causes you to miss errors that could provide insight into their authenticity. Many phishing emails are made on the fly, and while they seem professional at a glance, they’re often rife with typos and other mistakes. If an email is requesting information, make sure you read it thoroughly before complying.
Too many hyperlinks
It’s expected to have some links in business correspondence, but phishing scammers tend to load up emails with a number of links to entice you. Other link problems may also present, such as a suspicious address that doesn't reflect the company supposedly sending the correspondence. If you have concerns about the link you’re being directed to, use the company’s official site and ask a representative for help.
Most businesses take pains to personalize emails sent to customers or clients. Personalization makes customers feel valued, and it also makes the company look professional. Most phishing emails don’t include personal salutations in correspondence because hackers don’t have access to the person’s name. If you receive an email that simply states “Dear Customer” or similar, think about the action being requested. If it’s not in line with your recent online activity, contact the company using official information.