"You Ask. We Answer." Blog

Responsive and relevant insights into the questions our partners have.

How Can My Employees Better Identify a Malicious Email?


With a little vigilance, you can greatly minimize the threat of email cyber security incidents. Here are 4 signs of a potential phishing attack. 

Often, the best line of defense in a cyber attack is your own awareness. Email is a central means of communication for all companies today. But email phishing attacks, one component of the broader social engineering threat, remain a top risk for companies and users looking to secure their data.

The bad news: According to the FBI, phishing was the most common type of cybercrime in 2020—and phishing incidents nearly doubled in frequency, from 114,702 incidents in 2019 to 241,324 incidents in 2020.

The good news: With a little vigilance, you can greatly minimize the threat of email cyber security incidents. By identifying phishing attacks on the front end and help protect your business. These four signs of a phishing attack should help.

Spotting a Malicious Email: 4 Signs of a Potential Phishing Attack:

1. The email is poorly written.

Perhaps the easiest way to detect a malicious email is when it just sounds (or looks) off. Common sense very much applies here. One familiar tell-tell sign? See if the greeting or salutation sounds unfamiliar with interaction used in your particular business.

2. The email anatomy doesn’t add up.

There may be noticeable inconsistencies in the email address, “from names,” links, and domain names. The “From Name” may sound familiar or at least legitimate. But look closer. Does the email address, link, or domain name look completely unrecognizable? 

Tip: Hover over the hyperlink (DON’T CLICK!) and investigate the URL to further identify if the email is legitimate or not.

2. The email is from your “Boss” (and it’s urgent).

Social engineering preys on the idea that end-users very much want to perform urgently for their boss.

Have you ever received an email from your “boss” (The Display name at least says it is) asking for 5 Amazon gift cards? And does he or she need them urgently? If the request seems out of place, it probably is. Investigate the actual email address to see if it is really from your superior.

Even better: Pick up the phone and call this person. Ask them if they did indeed send that email. Two-factor approval, much in the same vein as two-factor authentication, involves employees across departments training themselves to call a known, internal colleague to confirm that a request for information was in fact sent from that individual.

4. The email is asking for login information or sensitive data.

Any email that looks the slightest bit unfamiliar and requests login credentials, payment information, or any other sensitive data should be treated with extreme caution. Cybercriminals go to great lengths to create fake login pages that look similar to those of Microsoft, Apple, or others.

Ready to learn more about equipping your team with cyber security best practices? Unsure where your company stands with cyber security preparedness? Schedule a visit with a Datamax Technology Consultant today!

Visit With a Datamax Technology Specialist ›


About Jeff Walker

Jeff Walker serves as the Marketing Communications Manager for Datamax Inc. As a Hubspot Inbound Certified Marketing Professional, Jeff works to ensure valuable experiences for those engaging with Datamax online and elsewhere. Prior to joining Datamax, he worked as a reporter, critic and editor.

Topics: Network Management Network Security Cybersecurity