With the rise of QR phishing, AI-powered attacks, and other popular email phishing tactics in 2025, businesses must recognise and avoid phishing attempts.
In 2023, there was a staggering increase in QR code phishing, or "quishing", often found in email bodies or attachments. These attacks became a major concern for cyber teams globally, accounting for 12.4%. The success of these attacks highlights how cybercriminals skilfully combine available technology with consumer familiarity, leading to widespread complacency.
According to the Egress Email Risk Report 2024, 94% of organisations experienced email security incidents, and 79% of account takeover (ATO) attacks originated from phishing. Additionally, 95% of cybersecurity leaders reported feeling stressed about email security.
Therefore, spotting phishing emails is now more important than ever, as these deceptive emails can be difficult to distinguish from legitimate communications.
But how can you recognise a phishing email?
In this blog post, we’ll explore 7 effective ways to spot a phishing email in 2025 and help you protect your sensitive data from falling into the wrong hands.
How Can You Spot a Phishing Email
Here are the 7 ways to spot phishing email:
1. Look Out for Generic Greetings
One of the most obvious red flags in phishing emails is the use of generic greetings. Instead of addressing you by your name, cybercriminals often use impersonal salutations like “Dear Customer” or “Dear Account Holder.”
These phrases may seem harmless, but they are a sign that the sender doesn’t know you personally, which should raise suspicion.
Legitimate organisations almost always personalise their communications with your full name, so take extra care with any email that lacks this personal touch. It is a strong sign that the email may not be from the company it claims to represent.
For example, you receive an email from “PayPal” that begins with “Dear Customer.” PayPal typically addresses users by their full name, making this a suspected phishing attempt.
2. Check the Sender's Email Address & Domain Names
Another way to spot a phishing email is to examine the sender’s email address and domain name closely. Cybercriminals often create email addresses that look very similar to those of legitimate organisations.
However, if you look at the domain name, you’ll usually find slight alterations or misspellings. For example, a phishing message from "Amaz0n.com" instead of "Amazon.com" would be a classic example of this trick.
Therefore, to prevent phishing you should always double-check the email domain before clicking on anything or responding to the email. If something seems off, verify it by contacting the company directly through official channels.
Here is a perfect example: A suspicious email claiming to be from “Apple” arrives, but the sender address reads "support@apple-secure.com" rather than an address on the recognised "apple.com" domain.
3. Spot Poor Grammar and Spelling Errors
One of the easiest ways to identify phishing emails is to check for poor grammar and spelling errors. Legitimate organisations take great care with their communications, ensuring they are free of mistakes.
Phishing scams, on the other hand, often contain grammatical issues, misspelt words, or awkward phrasing. This occurs because many of these phishing attack emails are crafted by scammers who may not be fluent in English or are working quickly to avoid detection.
Therefore, if an email from what claims to be a trusted company contains many spelling mistakes and odd sentence structures, it’s likely a malicious email.
For example, a phishing email from a “bank” might contain sentences like, “Your account is at risk of being disabled unless you act quickly!” Clumsy, pressuring phrasing like this, especially alongside spelling mistakes, is a huge red flag.
4. Beware of Suspicious Links & QR Codes
A major goal of phishing attacks is to trick recipients into clicking on suspicious links or scanning QR codes that lead to fake websites, designed to steal user credentials or other sensitive information.
These sites often look remarkably like the real ones but are created by scammers to capture your sensitive data once you enter them. One of the significant signs of email phishing is that the URL displayed in the email doesn’t match the actual company’s domain.
To avoid falling victim to this phishing attack, you should always hover your cursor over any links in the email to see where they lead. If the link doesn’t direct you to the authorised website, do not click on it.
Here is an example: You get an email from “Netflix” asking you to update your payment information. The link, when hovered over, shows “net-flixupdate.com” rather than “netflix.com” – this is a classic phishing scam.
5. Watch Out for Unsolicited Email Attachments
Phishing emails frequently come with suspicious attachments that contain malware designed to infect your device. Scammers may try to lure you into downloading the file by claiming it contains important information such as an invoice, tax documents, or a legal notice.
The Email Security Risk Report by Egress highlights a significant increase in HTML attachments from 2021 to 2024. In HTML smuggling attacks, scammers hide malicious scripts within these attachments, allowing them to evade traditional security measures.
Additionally, the rise in PDFs and Word documents is linked to financial-themed payloads, particularly wire fraud. These file types are commonly used in invoice fraud attacks, leveraging social engineering to prompt quick responses from targets.
In reality, clicking on these files can lead to your device being compromised. Legitimate organisations and government agencies rarely, if ever, send unsolicited attachments. Therefore, you should always be cautious with attachments, particularly if you weren’t expecting them.
For example, an email claims to be from HMRC with tax numbers and a zip file attachment labelled "Your Tax Refund Info." HMRC does not send tax refunds via unsolicited emails with attachments – this is a scam email.
6. Be Suspicious of a Sense of Urgency
Phishing messages often convey a strong sense of urgency to pressure recipients into acting quickly. The goal of suspicious emails is to make you panic, hoping you’ll click on a suspicious link or provide your login credentials without thinking. The email might claim your account is about to be suspended, or that you’ve missed a payment and need to take immediate action to avoid negative consequences.
Authorised organisations, especially financial institutions, rarely ask customers to take urgent action through email. If an email makes you feel rushed, it’s likely part of a phishing attempt. Therefore, you should always pause, verify the message with the company directly, and avoid acting impulsively.
Example: An email from “your bank” says your account will be locked in 24 hours unless you “click on a link” to confirm your identity. Scammers often rely on creating urgency like this to catch you off guard.
7. Check for Inconsistencies with Legitimate Companies
Finally, a key strategy to spot phishing emails is to compare the content of the email with your knowledge of how legitimate companies operate.
For instance, most companies will not ask for sensitive details like passwords, account numbers, or payment information over email. If the message asks for user credentials or other sensitive account data, be suspicious.
Furthermore, if an email claims to be from a reputable business but arrives from a public webmail domain like Gmail or Yahoo, this is another clear sign that the email is a scam. A legitimate organisation will use its own email domain.
Example: A supposed email from “Amazon” asks you to provide your login credentials directly in reply to the message. Recognised organisations like Amazon will never ask for this type of sensitive information via email.
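The seven checks above can be applied mechanically as a first pass before a human looks at a message. The script below is an added example, not code from the original post or from Aztech: it parses one email, runs each of the seven checks and returns the indicators it found. The brand allow-list, the freemail list, the greeting and urgency phrase lists, the homoglyph map and the sample message are all constructed for the demo, and the lookalike test (hyphen stripping, digit-for-letter substitution and an edit distance of one against the brand names from the post) is a deliberately simple stand-in for a real typosquat detector.

```python
"""Phishing-indicator scorer illustrating the seven checks in the post.
Added example, not code from the post or from Aztech: every list, map and
sample value below is constructed for the demo."""
import re
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allow-list: brand keyword -> domains it genuinely sends from
KNOWN_BRANDS = {"paypal": {"paypal.com"}, "amazon": {"amazon.com"},
                "apple": {"apple.com"}, "netflix": {"netflix.com"}}
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
GENERIC_GREETINGS = ("dear customer", "dear account holder", "dear user")
URGENCY_PHRASES = ("within 24 hours", "immediately", "will be suspended",
                   "will be locked", "act now")
RISKY_EXTENSIONS = (".html", ".htm", ".zip", ".iso", ".js")
# Digit/symbol substitutions seen in lookalike domains (constructed, partial)
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "@": "a"})


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_brand(host: str):
    """Return the brand a host imitates, or None if genuine or unrelated."""
    host = (host or "").lower().strip(".")
    if not host:
        return None
    for good in KNOWN_BRANDS.values():
        if any(host == g or host.endswith("." + g) for g in good):
            return None  # exact match or subdomain of an allow-listed domain
    # Undo common disguises: hyphens (apple-secure) and digits (amaz0n)
    for label in host.translate(HOMOGLYPHS).replace("-", "").split("."):
        for brand in KNOWN_BRANDS:
            if brand in label or edit_distance(label, brand) <= 1:
                return brand
    return None


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs: the programmatic form of hovering a link."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyse(msg: EmailMessage) -> list:
    """Run the seven checks over one message and return the indicators found."""
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2].lower()
    if (brand := lookalike_brand(sender_host)):                               # check 2
        findings.append(f"sender domain {sender_host} imitates {brand}")
    if sender_host in FREEMAIL and any(b in display.lower() for b in KNOWN_BRANDS):
        findings.append(f"'{display}' sends from free webmail {sender_host}")  # check 7
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    text = re.sub(r"<[^>]+>", " ", html).lower()
    if any(g in text[:200] for g in GENERIC_GREETINGS):                        # check 1
        findings.append("generic greeting")
    findings += [f"urgency phrase: {p}" for p in URGENCY_PHRASES if p in text]  # check 6
    collector = LinkCollector()
    collector.feed(html)
    for href, label in collector.links:                                        # check 4
        href_host = (urlparse(href).hostname or "").removeprefix("www.")
        if (brand := lookalike_brand(href_host)):
            findings.append(f"link to {href_host} imitates {brand}")
        m = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", label.lower())
        if m and m.group(1).removeprefix("www.") != href_host:
            findings.append(f"link text shows {m.group(1)} but points to {href_host}")
    for part in msg.iter_attachments():                                        # check 5
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            findings.append(f"risky attachment {name}")
    return findings


def build_sample() -> EmailMessage:
    """Constructed message that combines several of the post's red flags."""
    msg = EmailMessage()
    msg["From"] = '"Netflix Support" <billing@net-flixupdate.com>'
    msg["To"] = "someone@example.org"
    msg["Subject"] = "Update your payment information"
    msg.set_content(
        "<html><body><p>Dear Customer,</p><p>Your account will be suspended "
        "within 24 hours unless you visit "
        '<a href="http://net-flixupdate.com/login">https://www.netflix.com/account</a>'
        " and confirm your details.</p></body></html>", subtype="html")
    msg.add_attachment("<p>demo</p>", subtype="html", filename="Invoice.html")
    return msg


if __name__ == "__main__":
    for finding in analyse(build_sample()):
        print("-", finding)
```

Check 3 (grammar and spelling) is the one left to the reader on purpose: a reliable spell-checker needs a dictionary and language model that would dwarf the rest of the script. Note too that the brand-keyword test is intentionally loose and will flag some legitimate third-party domains that contain a brand name; a production filter would pair it with sender authentication (SPF, DKIM, DMARC) rather than rely on name matching alone.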
What To Do Next: Report Phishing Emails
If you receive a request for PII (personally identifiable information) or any other unusual request, the main warning signs of a phishing email, it is important to report it immediately.
In the UK, you can report a suspicious email by forwarding it to report@phishing.gov.uk.
Sometimes, however, a forwarded email may not reach NCSC’s SERS (Suspicious Email Reporting Service), because the service’s own spam filter may block it as a phishing email.
So, if you're unsure whether your forwarded report arrived, you can take a screenshot of the email and send that to report@phishing.gov.uk instead.
Why You Should Report Phishing Emails
Suspicious emails often aim to trick you into clicking a link. This link may lead to a website that downloads a virus or steals your passwords and personal financial information. This is called "email phishing."
The government agency National Cyber Security Centre (NCSC) can investigate and remove suspicious email addresses and websites. Reporting a phishing email is free and takes just a minute. By reporting phishing attempts, you can:
- Reduce the number of scam emails.
- Make it harder for cyber criminals to target you.
- Help protect others from online crime.
How Can Aztech Help?
Aztech’s advanced email security service protects your organisation from cyber threats targeting your email system. Our multi-layered approach enhances your cybersecurity by guarding against email-based dangers, including malware, spam, and phishing attacks.
The Aztech email protection solution scans emails through a secure gateway for URLs, attachments, and other potential risks using cutting-edge technologies and in-depth threat intelligence. This process effectively safeguards against impersonation attacks and mitigates cyber threats like spoofed emails and business email compromise (BEC) scams.
Summary
Spotting a phishing email is not always easy, but by keeping these 7 ways to spot phishing emails in mind, you can significantly reduce your risk of becoming a victim of phishing scams in 2025.
Whether an email looks too good to be true, entirely out of the ordinary or even routine, you should always look out for generic greetings, check the sender’s email address, look for poor grammar and spelling mistakes, avoid clicking on suspicious links and unsolicited attachments, be suspicious of a sense of urgency, and check for inconsistencies with how legitimate organisations operate.
By practising these security measures, you’ll help prevent falling victim to a phishing email and protect yourself from the negative consequences of a phishing attack.
For more information on advanced email protection and cyber security awareness training for your team, please feel free to contact us.