How to Spot a “Phishing” Email

Adapted from

While there is no technique that can spot phishing emails with 100% certainty, these are some logical steps that you can use to determine the likelihood that an email is not legitimate. Trusting your own instincts is just as important too. If an email doesn’t seem right, then treat it with all due caution and seek help if you need assistance.

Examine who the message is being sent from and why…

  • The message was sent by a person and organization unknown to you, and may also include fictitious or unfamiliar recipients.
  • The Subject line indicates that an unsolicited attachment is being forwarded. In most business/work relationships, some kind of communication would have taken place where you would be expecting files that someone wants to send to you.
  • The attached file type of ZIP is known to be potentially malicious. Other potentially risky file types end with DOC, XLS, EXE, PDF, BAT and VBS. While most people often use these file types every day, the risk lies within the ability of malicious code being inserted into these kinds of documents. An unsuspecting recipient opening a malicious file of these types would unknowingly execute malware on their own computer.


Examine the body of the message…

  • The message opening is unusually and overly formal. People you know or have working relationships with would not ordinarily use such formal language.
  • The message prompts you to create an account or divulge personal details that one would normally hesitate to share.
  • The name given in the message body is different than the name given in the FROM field.

 If you believe you have received a phishing email, check The Phishbowl ( to see if it has already been reported and confirmed as phishing or forward it to



Custom Fields
  • Author: UNH information Security Services
  • Department: Information Security Services
Attached Files
There are no attachments for this article.
Related Articles RSS Feed
How to Determine if Your Windows Device is Automatically Updating
Viewed 616 times since Thu, Nov 2, 2017
Mobile Device Health and Security
Viewed 1348 times since Fri, Jul 10, 2015
Phishing and Spam
Viewed 5699 times since Wed, Apr 29, 2015
Red Flag Rule - Identity Theft Prevention
Viewed 2032 times since Thu, May 7, 2015
Password Managers 101
Viewed 774 times since Mon, Oct 16, 2017
Antivirus Software for Windows
Viewed 10930 times since Wed, Aug 12, 2015
Should you send or receive UNH personally identifiable information by email?
Viewed 1312 times since Thu, Jun 9, 2016
Why Can’t I Forward Emails to
Viewed 377 times since Thu, Feb 22, 2018
Recommended tools for SFTP/FTP
Viewed 195 times since Mon, Sep 10, 2018
Tips for Keeping Your Devices Secure
Viewed 719 times since Fri, Aug 4, 2017