5 tips for spotting a phishing email

Tip: Always hover over a hyperlink and read the URL before clicking.

1. Look at the sender's email address

If an email you receive seems suspicious, the first place to look is at the top of the page, where you'll find the sender's email address. Most scammers attempt to closely mirror a known email address to trick you into thinking you're getting that email from a trusted source. However, there will typically be subtle differences.

For example, your financial institution usually sends customer emails from “customerservice@bankname.com.” A spammer may mimic an official email address by adding to the web address or by changing the name of the sender, such as “customerservice@bankname.admin.com” or “adminservice@bankname.home.com.”

2. Pay attention to the greeting

The email's greeting can also be a tip-off. See if it matches greetings you've received from the same company or person in the past. For example, your financial institution likely knows your name and would address any email to you by your name. Greetings like “Dear sir/madam” or “Dear valued customer” can be a giveaway that it's a scammer. If your name is misspelled, that's another red flag.

3. Dust off your proofreading skills

Typically, phishing emails contain at least one, and sometimes several, spelling and grammar mistakes. Those errors could be intentional. Some experts believe scammers include an error or two to try to get past your email server's spam filters.[2] In some cases, the email may have been translated from another language, leading to errors in common terms and sentence structure.[3] Whatever the case may be, catching those errors, and not clicking on anything in the email, can keep you and your inbox safe.

4. Hover before you click

As a rule, make a point to never click on hyperlinks in any email without examining them first. Simply hover your mouse pointer over the hyperlink to reveal what web address the link is directing to. Often, this can be an easy way to spot a phishing attempt since scammers rely on fake websites. Look for these clues:

  • Added characters in the domain name
  • Additional words in the web address
  • Changes in the top-level domain, like an added “.net” after the standard “.com.”

For example, “yourbankname.com” is more trustworthy than “your1bank2name3.com,” but you should also be on the lookout for more subtle differences like “yourbankname.com.net.”
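The checks from tips 1 and 4 can also be automated, for example in a mail filter. The following Python sketch is an added example, not part of the original article: it compares a sender address or a link's real host against one trusted domain and names the kind of mismatch. The function names and verdict labels are hypothetical, and the sample inputs are constructed from the article's own examples.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

def classify_host(host, trusted):
    """Compare a hostname with the one domain you trust and name the mismatch."""
    host = (host or "").lower().rstrip(".")
    trusted = trusted.lower()
    # Exact domain, or a subdomain of it (assumes the bank controls those).
    if host == trusted or host.endswith("." + trusted):
        return "match"
    # Trusted domain followed by more labels: yourbankname.com.net
    if ("." + trusted + ".") in ("." + host):
        return "extra-suffix"
    name = trusted.split(".")[0]
    labels = host.split(".")
    # Brand used as a label of someone else's domain: bankname.admin.com
    if name in labels:
        return "name-as-subdomain"
    # Brand padded with digits or hyphens: your1bank2name3.com
    if any(re.sub(r"[\d-]", "", label) == name for label in labels):
        return "added-characters"
    return "unrelated"

def check_sender(from_header, trusted):
    """Classify the domain of a From: header value."""
    _, address = parseaddr(from_header)
    return classify_host(address.rpartition("@")[2], trusted)

def check_link(url, trusted):
    """Classify the host a link really points to (what hovering reveals)."""
    if "//" not in url:
        url = "//" + url  # let urlsplit treat a bare host as a host
    return classify_host(urlsplit(url).hostname, trusted)

if __name__ == "__main__":
    # Constructed samples, taken from the article's examples.
    for sender in ("customerservice@bankname.com",
                   "customerservice@bankname.admin.com",
                   "adminservice@bankname.home.com"):
        print(sender, "->", check_sender(sender, "bankname.com"))
    for link in ("https://yourbankname.com/login",
                 "http://your1bank2name3.com",
                 "yourbankname.com.net"):
        print(link, "->", check_link(link, "yourbankname.com"))
```

Anything other than "match" means the address or link does not belong to the trusted domain, however familiar it looks.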

5. Be wary of attachments

Attachments are a common phishing tool. They're designed to pique your curiosity and make you rush to open them. Be careful with any attachments you receive, including links to files on cloud storage sites like Dropbox and Google Docs. Before clicking any attachment, ask yourself if the sender would likely send that to you. For example, if you suddenly receive an email from a colleague who never emails you and the email asks you to download an attachment, that's a red flag.

If you think an email you received might be a phishing attempt, don't click any links, don't download any attachments, and don't reply. Instead, call the company or person who sent you the email directly. If you find that the email isn't legit, report it as a phishing attempt to your email provider. Most providers give you the option to report phishing attempts directly from the suspicious email. If you're not familiar with your provider's protocol, an Internet search for your email provider plus "report phishing" is a good way to find instructions.

What to expect from your bank

It's important to know that your bank will never ask you to share personal or private information by email. For example, while Synovus does send emails occasionally with content about our products and services, we never ask our customers to share any sensitive information by email.

If you receive an email from your bank that asks you to share any confidential information, such as your bank account number or Social Security number — or if the email provides a link where you should update your bank account number or Social Security number — don't click on it. It's likely a phishing attempt. Instead, call your bank directly or access your account online through your bank's secure website. And be sure to report that phishing attempt to your bank.

Important Disclosure Information

This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.

  1. Kaspersky Lab, "Spam and phishing in 2017," https://securelist.com/spam-and-phishing-in-2017/83833/, accessed July 23, 2018.
  2. Washtenaw Community College, "How to Recognize Phishing Emails," http://sites.wccnet.edu/its/2012/09/how-to-recognize-phishing-emails/, accessed July 23, 2018.
  3. Cisco, "Grammar and Spelling Errors in Phishing and Malware," https://umbrella.cisco.com/blog/2016/02/08/grammar-and-spelling-errors-in-phishing-and-malware/, accessed July 23, 2018.