Cybersecurity – How to detect a phishing email

The health and safety industry has changed and broadened to include much more than physical safety. As more and more work is done remotely, there is an increased need for awareness of IT and cybersecurity best practices to help safeguard both companies and workers from attacks on their digital infrastructure or personal privacy.

One of the most common forms of digital attack is phishing emails.

What is a phishing email?

An email, often sent from a seemingly trustworthy source, aimed at tricking the recipient into handing over sensitive information or installing malware.

Most people know that phishing emails may come their way, but when the average awareness increases and people are tricked less often, cyber criminals adjust to find new and more covert ways to trick victims into providing information or clicking on dangerous links.

Just as in worksite safety, it is important to always be aware of and watching for hazards.

Here are some key things to watch for to identify a phishing email:

1. Were you expecting this email?

If you are not expecting an email from the “sender” or are not expecting the content of the message, this is your first hint that something is amiss. For example: you receive an email with a link to an invoice or payment from someone you do not recall having a recent transaction with.

Tip: If you feel surprised at the content of an email, or anything feels out of the routine, always check for other signs of phishing.

2. Check the sender’s email address & domain

Never rely only on the sender’s name. Checking the sender’s email address can often provide you all the information you need.

Red flags:

  • Public domain – an email from a company will come from that company's own domain name, not from a public, free-to-register email domain.
  • Misspelled domain – watch closely for missing letters or mixed-up letters and numbers that can easily be overlooked. For example: instead of @netflix it might swap the “i” for an “l”, like @netfllx. Or instead of @facebook it might say @facbook.
  • Unfamiliar domain – the domain may not match what you’re used to seeing from a specific company, or may simply be a jumble of words, letters or numbers. For example: the sender name is “Facebook” but the email address is

Tip: if you’re unsure whether the domain is legitimate, check the contact information on the company’s website.

3. Typos or poorly worded content

If anything about the sentence structure feels off to you, this could be a sign of a phishing email. For example, it might say “your computer security has being threaten by a virus”.

Tip: watch for grammatical errors or sentences that don’t “flow” well, not just typos.

4. Suspicious links or attachments

Attachments: before opening any attachment, always check for other signs of phishing. If you are not expecting to receive that attachment, follow up with the company before opening it.

Links: If the destination link does not match the email sender, it is likely to be illegitimate. If it is to do with an account you can log into online, or a person or company you can contact directly, they will be able to confirm if there is a legitimate concern that needs to be addressed.

Tip: odd or unfamiliar file names and link paths can be a sign that the link or attachment is not legitimate, and should be confirmed with the sender.

5. A strong sense of urgency

Tricking you into reacting quickly can keep you from thinking critically and catching other signs that something isn’t right. Phishing emails often present an urgent need or request, or come from a sender with high importance – like your boss, the HR department, or a government agency. If something seems out of place, confirm the request with the sender by calling directly (not the contact information provided in the email) or another individual who can confirm the legitimacy.

Tip: If it is of great importance or urgency, there will be ways to confirm the information or complete the request without clicking on the enclosed link or attachment.
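Signs 2, 4 and 5 can largely be checked mechanically. The following Python script is an added example (not part of the original post) that takes one raw message and reports a look-alike or mismatched sender domain, links whose domain differs from the sender's, and urgency wording; the allow-list of known brand domains, the urgency phrases and the sample message are all constructed for this illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed allow-list of brands the reader deals with, and urgency phrases (assumptions).
KNOWN_DOMAINS = ("netflix.com", "facebook.com")
URGENCY = ("immediately", "within 24 hours", "account will be suspended", "act now")

def edit_distance(a, b):
    # Levenshtein distance: netfllx.com vs netflix.com is 1, facbook.com vs facebook.com is 1.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registrable(host):
    # Crude last-two-labels reduction; real tooling would consult the public-suffix list.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_email(raw):
    """Return the red flags found in one raw message (headers, blank line, plain-text body)."""
    msg = message_from_string(raw)
    flags = []
    name, addr = parseaddr(msg.get("From", ""))
    sender_dom = registrable(addr.rpartition("@")[2])
    for known in KNOWN_DOMAINS:
        brand = known.split(".")[0]
        if brand in name.lower() and sender_dom != known:   # sign 2: name says brand, address does not
            flags.append(f"display name claims {brand} but address is @{sender_dom}")
        if sender_dom != known and edit_distance(sender_dom, known) <= 2:  # sign 2: look-alike domain
            flags.append(f"sender domain {sender_dom} looks like {known}")
    body = msg.get_payload(decode=True).decode("utf-8", errors="replace")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):   # sign 4: link domain vs sender domain
        link_dom = registrable(urlparse(url).hostname or "")
        if link_dom != sender_dom:
            flags.append(f"link {url} goes to {link_dom}, not {sender_dom}")
    flags += [f"urgency wording: '{p}'" for p in URGENCY if p in body.lower()]  # sign 5
    return flags

# Constructed sample message showing signs 2, 4 and 5 at once.
SAMPLE = """\
From: Netflix Support <billing@netfllx.com>
Content-Type: text/plain

Your account will be suspended within 24 hours. Update your card here:
http://secure-login.example.net/netflix/update
"""
```

Running `check_email(SAMPLE)` returns five flags for the sample; a message from the brand's own domain whose links also point there returns none.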

For more examples of phishing emails and ways to watch out for scams, check out this post by IT Governance:
