Can You Spot a Phishing Email? Watch Out for These 3 Red Flags

Phishing - Can You Spot a Phishing Email - Banner (Updated)

Can You Spot a Phishing Email? Watch Out for These 3 Red Flags

Is your inbox inundated with spam emails every day? It can be frustrating to find important correspondence when it’s buried under a sea of promotional emails, and sometimes, even an email that seems legitimate can be a dangerous phishing email.

Phishing is a fraudulent practice where a target is contacted via email, telephone, or text message by someone pretending to represent a legitimate organization. Usually, the goal of phishing is to lure you into disclosing sensitive information, like banking and credit card details, passwords, or your social security number. When phishing takes the form of an email, scammers might also try to lure you into clicking a link or opening an attachment that will infect your device with malware.

It’s an unfortunate reality that phishing has become commonplace. Most of us know to look out for phishing attacks in our personal lives AND at work. But the problem is even more pervasive than many realize. In 2017, the average user received 16 phishing emails every month.

Are you confident that you can identify a phishing email? Here are 3 red flags to watch out for:


1. There Are Typos or Grammatical Errors

Legitimate companies typically take great pains to write, edit, and proofread marketing materials and scripted correspondence. A poorly written email is a sign that the correspondence is not from a legitimate company.

Experts actually believe there’s a reason that phishing emails are so poorly written—to weed out “false positives.” Scammers don’t want to target someone that may respond to the initial inquiry, but upon noticing other red flags, ultimately not follow through. When an email is easily recognizable as a scam, users that still respond are much more likely to ignore red flags and send money or sensitive information. Thankfully, you can turn this to your advantage to easily identify phishing attempts.


Click image to enlarge

2. You Are Asked to Take Action

In order to succeed, phishing emails require the recipient to take a specified action. Usually, they request that you click on a link, or open an attachment. Scammers have a number of shady techniques they use to lure unsuspecting recipients into revealing their personal information.

At first glance, an email might look like it’s from someone you know. It might appear as if it was sent to you from your bank, or a coworker, or even your boss. If the email is from an unfamiliar address, phishing scams often use scare tactics to convince you to ignore your better judgment.

A well-known example of this is the “Your account has been compromised” email. In this scenario, you receive an email from your “bank,” claiming that your account has been compromised, and requesting that you login to change your credentials. When you click on the link, malware will be downloaded to your system, or you’ll be taken to a spoofed site, controlled by the scammer, so that they can intercept your information as soon as you click “Submit.”

When in doubt, contact the organization directly.


3. The Link or Domain Looks Unusual

If you receive a suspicious email, first look at the domain. Legitimate organizations have specific domain names that you can usually find on their websites. For example, if you click on our Contact Us page and look under “General Information,” you’ll see that our general contact email is If you received an email from, claiming to be an associate of BASYS Processing, you’d know to be suspicious, because the domain name does not match up.

You should also watch out for links that aren’t what they appear to be. Be vigilant. Some scammers will make the entire email a hyperlink. To inspect a link, hover over it with your mouse, but don’t click. A box will pop up that displays the actual URL. Does that URL make sense based on who sent the email, and what text is hyperlinked? Look at the below example:

Phishing Example

This email came from and the link appears to be associated with Microsoft’s website, however, upon closer inspection, we can see that the link leads somewhere else entirely.

Unless you’re 100% sure the email is legitimate, don’t click on anything.


What Should You Do When You Receive a Phishing Email?

So, you’ve received an email that you recognize as part of a phishing scam. Now what do you do?

First, notify your IT staff. They will likely alert the rest of your organization to be on the lookout for phishing attempts. Next, think about the organization the phishing email was impersonating. Many companies have a vested interest in preventing phishing emails that appear to be from them. Some, like Wells Fargo, even ask that recipients of phishing emails forward the offending correspondence.

Lastly, you should report the phishing scam to the Federal Trade Commission by following their simple online instructions.


Final Thoughts

Prepare yourself, because this next statistic is a doozy. Ready? 91% of successful cyber-attacks start with a phishing email. But consider this. That means that 91% of cyber-attacks are easily preventable if you can recognize a phishing email. Making sure that you and your organization can recognize these fraudulent emails means you’re well-equipped to avoid a cyber-attack and subsequent data breach.

BASYS Processing as a business partner 

Does your current processor understand the unique struggles of your industry? Do they provide great rates and personal customer service? Are they offering solutions to grow your business and being proactive about helping you reduce risk and increase your savings? 

Contact BASYS today to learn more about innovative payment solutions that will save you time and money. We make accepting debit cards and credit cards convenient, safe and affordable. 

BASYS Processing features: 

• A friendly, live voice will answer the phone when you call; no automated phone systems 
• In-house PCI Compliance team to walk you through the process step-by-step, improving security and reducing costs
• A knowledgeable Account Manager assigned to your business to support your needs 
• Accept payments in person, over the phone or online
• Next-day funding options 


About BASYS Processing 

BASYS Processing provides credit card and debit card processing services, plus solutions that include terminals, virtual terminals, e-commerce, mobile, and point-of-sale, customized to fit any need.  Banks, associations, and software partners depend on us to strengthen their reputations and relationships with their customers by providing remarkable service paired with ultimate flexibility and pricing. Merchants depend on us to make accepting credit cards and debit cards convenient, safe & affordable. BASYS was founded in 2002 on one philosophy: to take care of our merchants, partners, and employees so they never want to leave. We are dedicated to working one-on-one with our customers to design the perfect solution. BASYS is Personal Payment Processing. 

Learn more at, and connect with us online at: