Email is one of the most common ways we communicate with friends, family, businesses, and organizations. But it’s also one of the easiest ways for scammers to reach you. They often use phishing emails that appear genuine but are designed to trick you into sharing personal information, such as passwords or bank account details. The good news? You don’t need to be an expert to stay safe. In this post, you’ll learn how to spot a fake email using a few simple, clear clues. When something doesn’t feel right, the best thing to do is pause and ask:
Does this feel normal? Would this person or company contact me this way?
Just remember our golden rule:
Wait, Watch, Then Click (or don’t!).
How to Spot a Fake Email: Look for Clues
1. It Looks Sloppy or Rushed
One of the easiest ways to spot a fake email is by looking at how it’s written. Many fake emails are poorly written. You might notice:
- Misspelled words
- Strange grammar
- Sentences that don’t quite make sense
That’s because scammers often use translation tools, or quickly write messages without proofreading.
For example:
“Your acount is temporarly susspended. Click link immediatly to restore.”
That’s more than just typos — it’s a warning sign. Legitimate companies, especially those dealing with money or sensitive information, don’t send messages filled with mistakes like this.
We once received a spam message at SDM that was written entirely in Japanese and referenced financial investments we were not involved with. That made it easy to spot and delete — and that’s exactly what you should do when something feels off.
2. The Email Address Looks Almost Right
Scammers often send emails that look like they come from trusted companies, but if you look closely, there are red flags that help us spot a fake email. One common trick is to use email addresses that look almost right but are slightly off. For example, an email might say it’s from Microsoft, but the address is something like:
support@rnicrosoft.com
At first glance, the “r” and “n” together look like an “m”, but on closer inspection, you can tell it’s not legitimate. Scammers count on people reading quickly and not noticing the small differences.
Another trick? The name that shows in your inbox isn’t always real. The sender can type in any display name they want, like “John Smith.” But if you click or tap on that name, you might find the real email address is: fh3ifg6gldn@gmail.com. That mismatch is a warning sign that the message may not be trustworthy.
3. Watch for Urgent Language and Look Closely at Email Addresses
Scammers use urgent messages to make you act fast. In this example, the subject line says things like:
LAST REMINDER! Your iCloud Account has been Suspended!
And the message warns: “Your cloud storage files may be removed today!” These phrases are designed to make you panic. But don’t click anything just yet!
Look closely at the part of the address after the @ symbol. That’s called the domain name. It tells you where the email is really from; Cloud@hotmail.com. But Apple would never use a Hotmail address. A real iCloud email would come from: @icloud.com
If you’re unsure, always tap or click on the sender’s name to check what the full address says. Quick Tip: “support.apple-help.com” is really from apple-help.com, not Apple. But “help.support.apple.com” would be from apple.com, which is correct.
Before acting on an email, always take a moment to ask: Is this how this company usually contacts me? Does that email address look normal, or is it just close enough to be suspicious? That pause might save you from a scam.
4. The Message Tries to Scare or Pressure You
Many fake emails use fear to get your attention. The goal is to make you act quickly, often without thinking. Like our example above, you might see subject lines like “Your account will be deleted in 1 hour!” or “Security alert: your account is locked!” The message may go on to say that unless you click a link or provide information right now, something bad will happen.
This fake email uses urgency and scare tactics — a common phishing strategy. It claims your LinkedIn account will be closed unless you upgrade immediately, then asks for your email and password. The grammar is off, and no real company would ask for personal login details this way. Always stop and think before clicking on messages like this.
This is where the virtue of taking a minute to asses this sitatuion is especially important! Ask yourself: Does this seem overly dramatic or unusual? Legitimate companies usually give you time and options — they don’t rush or threaten you.
5. The Email Promises Something Too Good to Be True
Not all phishing emails are scary. Some try to tempt you with exciting news or gifts. You might get a message that says you’ve won a prize, been selected for a free offer, or are eligible for an unbelievable discount. It could be something like “You’ve won a new iPhone — click here to claim it” or “Special reward for loyal customers: 80% off today only!”
Remember the old saying: There’s no such thing as a free lunch. Before you believe the hype, take a moment to ask: Is this a surprise offer that seems too good to be true? Why would someone give me something for free out of nowhere?
What to Do if You Get a Suspicious Email
If an email feels suspicious or triggers any of the clues above, the best thing you can do is to avoid interacting with it entirely. Do not click on any links, open any attachments, or reply to the message — even to say “stop” or “unsubscribe.” That can confirm to the sender that your email is active, which may lead to more scams in the future.
You should open a browser and go to the account or business in question and attempt to find the appropriate information or phone number, INDEPENDENT of any information in the email.
Below we have an example of one such email, the language is off in both the subject and body. There’s a suspiciously shortened link to an unknown site at the bottom.
If you’re still unsure, talk to someone you trust. The SDM Foundation is a nonprofit organization dedicated to helping people feel confident using technology, and our team is always here to support you when you have questions.
Trust Your Gut
At the end of the day, your best defense is to trust your instincts. You don’t have to memorize every trick or rule — just remember to slow down and think it through. Most scams rely on surprise and urgency. If you take a breath and give yourself time to consider what’s happening, you’ll be much better protected.
So whenever something feels strange, unfamiliar, or too good to be true, remember: Wait, Watch, Then Click (or don’t!)
And if you’re ever unsure, don’t hesitate to reach out — we’re always here to help with email concerns or questions about staying safe online!
Helpful Links
How to Recognize and Avoid Phishing Scams – The Federal Trade Commission’s Article on how to avoid phishing scams.
Microsoft’s Articles on Phishing
If you have questions about this post, or our services in general, just call or email. We’re happy to assist you! Feel free to use our contact form to send us a message. Thank you!