Recognising Phishing Emails


Learn to spot the warning signs of phishing emails before clicking any links or opening attachments.


Phishing is the most common entry point for cyberattacks worldwide. It uses deceptive emails to trick you into revealing credentials, clicking malicious links, or opening dangerous attachments.

How a Phishing Attack Works

  1. LURE: Attacker crafts fake email
  2. DELIVERY: Email lands in your inbox
  3. CLICK: Victim clicks link or attachment (STOP HERE — don’t click)
  4. HARVEST: Fake login page captures creds
  5. COMPROMISE: Attacker accesses your account

Anatomy of a Phishing Email

The best way to protect yourself is to know what red flags to look for. Here is a real-world example broken down:
  From: security@micros0ft-alerts.com
  Subject: [URGENT] Your account will be suspended

  Dear Valued Customer,

  We have detected suspicious activity on your Microsoft 365 account. You must verify your identity within 24 HOURS or your account will be permanently suspended.

  Verify Account Now → http://malicious-site.ru/microsoft/login/steal-creds.php

What gives it away:
  ⚑ Fake domain: “micros0ft” (zero instead of ‘o’)
  ⚑ False urgency — creates panic
  ⚑ Hover reveals malicious URL (.ru domain, not microsoft.com)
  ⚑ Real URL exposed in status bar: always check before clicking
⛔ Important
Never click links or open attachments in unexpected emails — even if the sender appears legitimate. Attackers can spoof display names perfectly. The domain in the email address is the only reliable indicator, and even that can be faked with lookalike characters.

Red Flags Checklist

Red flag, and what to look for:
  • Sender domain: Does the domain after @ match the real company exactly?
  • Urgency / threats: “Act now or lose access” — legitimate companies don’t demand this
  • Unexpected attachment: Were you expecting this file? .zip, .exe, .doc with macros are high risk
  • Hover URL: Hover over links — does the real URL match the display text?
  • Generic greeting: “Dear Customer” instead of your name suggests a mass phishing blast
  • Request for credentials: No legitimate service will ever ask for your password via email
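One way to automate the checklist above, as an added example (not part of this page or Mobile Techs' own tooling): a small Python scorer that applies the sender-domain, urgency, greeting and hover-URL checks to a constructed message modelled on the email dissected earlier. The brand list, the digit-for-letter swap table and the two-label domain rule are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
# Constructed sample modelled on the email dissected above (not a real message).
SAMPLE = """From: Microsoft Security <security@micros0ft-alerts.com>
Subject: [URGENT] Your account will be suspended
Content-Type: text/html

<p>Dear Valued Customer,</p><p>Verify your identity within 24 HOURS.</p>
<a href="http://malicious-site.ru/microsoft/login/steal-creds.php">Verify Account Now</a>
<a href="http://malicious-site.ru/login">https://login.microsoft.com</a>
"""
KNOWN_BRANDS = {"microsoft.com", "paypal.com"}  # assumed: brands worth protecting
URGENCY = re.compile(r"urgent|within \d+ hours|suspended|act now", re.I)
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})  # digit-for-letter swaps
ANCHOR = re.compile(r'<a [^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)  # enough for the sample

def _host(url):
    m = re.match(r"https?://([^/:\s]+)", url.strip())
    return m.group(1).lower() if m else ""

def _registrable(host):  # crude: last two labels; production code uses a public-suffix list
    return ".".join(host.split(".")[-2:])

def _impersonated(text):
    """Brand whose name appears in text once digit-for-letter swaps are undone."""
    norm = text.lower().translate(HOMOGLYPHS)
    return next((b for b in KNOWN_BRANDS if b.split(".")[0] in norm), None)

def red_flags(raw):
    """Return the checklist items a raw RFC 5322 message triggers."""
    msg, flags = message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    brand = _impersonated(sender)
    if brand and _registrable(sender) != brand:
        flags.append(f"sender domain {sender} imitates {brand}")
    html = next((p.get_payload() for p in msg.walk()
                 if p.get_content_type() == "text/html"), "")
    if URGENCY.search(msg.get("Subject", "") + html):
        flags.append("urgency or threat language")
    if re.search(r"dear (valued )?customer", html, re.I):
        flags.append("generic greeting")
    for href, text in ANCHOR.findall(html):  # the programmatic version of hovering
        shown, real = _host(text), _host(href)
        if shown and shown != real:
            flags.append(f"link text shows {shown} but goes to {real}")
        brand = _impersonated(href)
        if brand and _registrable(real) != brand:
            flags.append(f"link to {real} impersonates {brand}")
    return flags
```

Running `red_flags(SAMPLE)` lists all four warning signs from the dissected email plus the link-text mismatch; a mail from a genuine subdomain such as accounts.microsoft.com with no urgency wording returns an empty list.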

Spear Phishing vs Mass Phishing

  • Mass phishing — sent to millions, generic content, relies on volume
  • Spear phishing — targeted at a specific person, uses your name, employer, role, or recent activity scraped from LinkedIn. Far more convincing and dangerous.
⚠ Warning
Modern spear phishing emails are written using AI and personalised with information scraped from LinkedIn, company websites, and social media. They contain no spelling mistakes, use your real name, and reference your actual employer. Appearance alone is no longer a reliable trust signal.

What To Do With a Suspicious Email

  1. Don’t click any links or open attachments
  2. Report it to IT using your organisation’s reporting method (e.g., the “Report Phishing” button in Outlook)
  3. Delete it after reporting
  4. If you accidentally clicked — tell IT immediately. The sooner they know, the faster they can contain any damage.
✓ Key Point
When in doubt, go directly to the website by typing the address in your browser — never via the link in the email. If the email claims to be from your bank, open a new tab and navigate to the bank’s website yourself.
Would your team click it?
One convincing phishing email is all it takes to hand an attacker your inbox — or your whole business. Mobile Techs IT Service helps Gold Coast businesses stay off the hook: email security and spam filtering, correctly configured SPF, DKIM and DMARC, phishing-awareness training for staff, and rapid response if someone has already clicked. Home users welcome too — on-site or remote, anywhere in Australia.