How to Spot a Phishing Email
How to recognize fake emails that try to steal your passwords or personal information.
What Is a Phishing Email?
The term phishing (pronounced "fishing") describes an email — or sometimes a text or phone call — designed to trick you into handing over something valuable: your password, your credit card number, your Social Security number, or access to your accounts.
Think of it like a fisherman casting a wide net. The scammer sends thousands of identical emails hoping that even a small number of people click the link or reply with their information. They don't need most people to fall for it — just a few.
What makes these emails so effective is that they're designed to look completely real. They can copy the exact logo, colors, and writing style of banks, Amazon, the IRS, Medicare, Apple, and other trusted organizations — right down to the fine print at the bottom.
📖 By the Numbers
According to the FBI, phishing is the most reported cybercrime in the United States, with hundreds of thousands of victims each year. Americans over 60 lose more money to online fraud than any other age group — not because older adults are less intelligent, but because they are targeted more aggressively.
A Real-Looking Fake Email — Annotated
The best way to learn what to look for is to see it. Below is an example of a fake email designed to look like it came from Amazon. The red notes point out the clues that reveal it's a scam.
⚠️ Example Scam Email — Do Not Click Any Links
From: Amazon Customer Service <amazon-security@account-verify-center.com>
To: you@email.com
Subject: ⚠️ ACTION REQUIRED: Your Amazon account has been suspended
🚩 Red flag: The email address is NOT from Amazon. Real Amazon emails only come from addresses ending in @amazon.com — never from made-up domains like "account-verify-center.com."
Dear Valued Customer,
🚩 Red flag: Real companies that have your account on file address you by your actual name — "Dear Margaret" — not a generic greeting like "Valued Customer."
We have detected unusual activity on your Amazon account. To protect your security, we have temporarily suspended your account. You must verify your information within 24 hours or your account will be permanently closed and any pending orders cancelled.
🚩 Red flag: Urgent deadlines ("24 hours," "immediately," "or your account will be closed") are a classic pressure tactic to stop you from thinking clearly or checking with someone you trust.
Please click the button below to verify your account and restore full access:
Verify My Account Now
🚩 Red flag: This button links to a fake website — not Amazon. Hovering over a link (on a computer) or pressing and holding it (on a phone) reveals the real address. If it doesn't say amazon.com, don't click it.
Amazon Security Team
© 2025 Amazon.com, Inc. All rights reserved.
🚩 Red flag: Adding a copyright notice and the company name at the bottom is easy for scammers to copy. It means nothing on its own.
That email may look convincing at first glance — but once you know what each warning sign means, the whole thing unravels quickly.
The Sender Address: The Most Important Clue
The single most reliable way to identify a scam email is to look at the email address it came from — not just the name displayed, but the actual address. Criminals are very good at making the displayed name say "Amazon" or "Chase Bank" while the actual address is something completely different.
Here's how real company addresses compare to common fake ones:
| Company | Real Email Address | Fake Address (Example) |
|---|---|---|
| Amazon | @amazon.com | @amazon-security-center.net |
| PayPal | @paypal.com | @paypal-alerts.info |
| Chase Bank | @chase.com | @chase-account-verify.com |
| Apple | @apple.com | @apple-id-support.org |
| Medicare / Social Security | @ssa.gov / @medicare.gov | @medicare-benefits-update.com |
💡 How to See the Real Sender Address
On most email programs and phones, you only see the sender's display name by default. To see the actual email address: on a computer, hover your mouse over the sender's name, or click on it. On a phone, tap the sender's name at the top of the email. The real address will appear. If it doesn't end in the company's official domain (like @amazon.com or @chase.com), it's a fake.
Ten Warning Signs to Look for in Every Email
Beyond the sender address, here are the patterns that appear most often in phishing emails:
- Generic greetings: "Dear Customer," "Dear User," or "Dear Account Holder" instead of your actual name.
- Urgency and pressure: Threats of account closure, arrest, lost benefits, or frozen accounts with tight deadlines ("respond within 48 hours").
- Suspicious links: Buttons or linked text that, when hovered over, reveal a web address that doesn't match the company's real website.
- Requests for personal information: Any email asking for your password, Social Security number, bank account number, or credit card details. Legitimate companies never ask for these by email.
- Attachments you didn't expect: Files with names like "Invoice_2847.pdf" or "Your_Statement.zip" from companies or people you don't recognize.
- Spelling and grammar mistakes: Unusual phrasing, missing words, or awkward sentences — though be aware that many modern scam emails are now well-written.
- An offer that's too good to be true: You've won a prize, received an inheritance, or been selected for a special refund you never applied for.
- A mismatch between the topic and the sender: An email from "FedEx" about a package when you haven't ordered anything. An email from "Chase" when you don't have a Chase account.
- Pressure to act in secret: Any instruction not to tell anyone about the email, or to act "discreetly," is an immediate red flag — especially in family emergency scams.
- Slightly wrong company names: Scammers sometimes use near-identical names: "Arnazon" instead of "Amazon," or "Paypa1" instead of "PayPal." Read the sender address carefully, character by character.
⛔ Never Do This
Never click a link in an email asking you to "verify your account," "confirm your identity," or "restore access" — even if the email looks completely real. Instead, open a new browser tab and go directly to the company's website by typing the address yourself, then log in from there. If there's a real problem with your account, you'll see it there.
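The sender-address check described earlier, together with the swapped-character names from the warning-sign list, can also be automated by a mail filter or help desk. The Python below is an added example, not part of the original guide: the official domains come from the table above, while the function names, the character-swap list, and the choice to accept subdomains of an official domain are assumptions.

```python
from email.utils import parseaddr

# Official domains from the table in this guide.
OFFICIAL = {
    "amazon": {"amazon.com"},
    "paypal": {"paypal.com"},
    "chase": {"chase.com"},
    "apple": {"apple.com"},
    "medicare": {"medicare.gov"},
    "social security": {"ssa.gov"},
}

# Assumed list of character swaps ("Arnazon", "Paypa1" are the guide's examples).
LOOKALIKES = (("rn", "m"), ("1", "l"), ("0", "o"), ("vv", "w"))


def normalize(text):
    """Undo common character swaps so 'arnazon' reads as 'amazon'."""
    text = text.lower()
    for fake, real in LOOKALIKES:
        text = text.replace(fake, real)
    return text


def check_sender(from_header):
    """Return a list of warnings for one From: header value."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    if not domain:
        return ["no sender address found"]
    warnings = []
    for brand, official in OFFICIAL.items():
        # Assumption: a subdomain of the official domain counts as genuine.
        if any(domain == d or domain.endswith("." + d) for d in official):
            continue
        for label, text in (("display name", display.lower()), ("address", domain)):
            if brand in text:
                warnings.append(f"{label} says '{brand}' but mail is from {domain}")
            elif brand in normalize(text):
                warnings.append(f"{label} imitates '{brand}' with swapped characters")
    return warnings


if __name__ == "__main__":
    # The From line of the annotated scam email in this guide.
    sample = "Amazon Customer Service <amazon-security@account-verify-center.com>"
    for warning in check_sender(sample):
        print("Red flag:", warning)
```

A clean result is not proof that a message is genuine, because the From address itself can be forged; the check only catches senders whose address does not match the brand they claim to be.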
Types of Phishing Emails You're Most Likely to See
Account Verification Scams
These claim your account at a bank, online retailer, or service like Netflix or Amazon has been compromised, locked, or requires verification. The goal is to get you to click a link and enter your username and password on a fake website — which the scammer then uses to log into your real account.
Package and Shipping Notifications
These mimic emails from USPS, UPS, FedEx, or Amazon saying a package couldn't be delivered or is awaiting customs clearance. They ask you to click a link to reschedule, pay a small fee, or confirm your address. Since most people are expecting a package at any given moment, these have a high success rate.
Tax and Government Notices
These pretend to be from the IRS, Social Security Administration, or Medicare. They claim you owe money, that your benefits are being suspended, or that you're owed a refund. The IRS contacts people by mail, not email. The SSA does not email threats of benefit suspension. These are always scams.
Tech Support Emails
These claim your computer has a virus, that your Microsoft or Apple account has been compromised, or that you need to renew a software subscription. They often include a phone number to call — and if you call, someone will pretend to be a support technician and ask for remote access to your computer.
Family Emergency Scams
These claim to be from a grandchild, child, or other family member who is in trouble — stranded abroad, in an accident, or in legal trouble — and urgently needs money wired or gift cards purchased. They may ask you not to tell other family members because they're "embarrassed." Always call the person directly on the number you have for them before taking any action.
What to Do When You Receive a Suspicious Email
1. Don't click any links or open any attachments: Even opening an attachment can sometimes be enough to cause harm. If something feels off about an email, trust that instinct before doing anything else.
2. Check the sender's actual email address: Click or tap the sender's name to reveal the full email address. If it doesn't end in the company's official domain (like @amazon.com or @chase.com), it's a scam. This one step will catch the vast majority of phishing emails.
3. If you're genuinely worried, verify independently: Don't use any link, phone number, or information in the suspicious email. Instead, go directly to the company's real website by typing the address yourself, or call the number printed on the back of your card or on your official statement. If the concern is real, you'll be able to address it that way.
4. Mark it as spam or phishing in your email program: Most email services — Gmail, Outlook, Yahoo Mail — have a "Report phishing" or "Mark as spam" option. This helps the email service get better at filtering these messages for everyone.
5. Forward it to the real company (optional but helpful): Most major companies have a dedicated email address for reporting phishing impersonation. Amazon's is stop-spoofing@amazon.com. PayPal's is phishing@paypal.com. A quick internet search for "[company name] report phishing email" will find the right address.
6. Delete the email: Once you've reported it, delete the email. There is no reason to keep it, and having it in your inbox creates the risk of accidentally clicking something later.
What If You Already Clicked a Link or Entered Information?
Try to stay calm — you're not the first person this has happened to, and what matters now is how quickly you act.
- If you clicked a link but didn't enter anything: Close the browser tab immediately. Run a scan with your device's built-in security software if possible. Monitor your accounts over the next few days for anything unusual.
- If you entered your email and password: Go immediately to the real website and change your password. If you use the same password on other accounts, change those too — especially your email account. Turn on two-factor authentication if you haven't already (see our guide on that topic).
- If you entered financial information: Call your bank immediately using the number on the back of your card. Explain what happened and ask them to flag your account for fraud monitoring. They may issue you a new card number. Also consider placing a fraud alert on your credit by contacting one of the three major credit bureaus: Equifax (1-800-525-6285), Experian (1-888-397-3742), or TransUnion (1-800-680-7289).
- If you gave out your Social Security number: Report it to the FTC at identitytheft.gov — the site will walk you through a personalized recovery plan. Consider also placing a credit freeze, which prevents anyone from opening new accounts in your name.
⚠️ Act Quickly
The sooner you contact your bank or change your passwords after a phishing incident, the better. Banks and credit card companies are very experienced at handling fraud and are generally quite helpful when you call. You are not going to be in trouble for being deceived — this happens to millions of people every year.
Simple Habits That Protect You Going Forward
- When in doubt, don't click. Go to the company's website directly instead. A real alert will be visible when you log in through the official site.
- Use two-factor authentication. Even if a scammer gets your password, two-factor authentication prevents them from logging in without the second step. See our guide on MFA for a full walkthrough.
- Use strong, unique passwords. If a scammer captures your password for one site, unique passwords mean they can't use it anywhere else.
- Talk to family members about what you receive. If an email claiming to be from your bank or the IRS makes you anxious, call a trusted family member and describe it to them before doing anything. A fresh set of eyes often spots the problem immediately.
- Keep your email's spam filter updated. Gmail, Outlook, and most major email services automatically filter many phishing emails — but checking your spam folder occasionally is worthwhile so you don't miss anything legitimate.
Key Takeaway
Every phishing email is built around one strategy: making you act before you think. The most powerful protection you have is a single moment of pause. Before clicking any link in an email, ask yourself: Did I expect this email? Does the sender address match the company's real name? Is this asking me to do something urgently? If any answer gives you pause, close the email and go directly to the company's website yourself. That habit alone will protect you from the overwhelming majority of phishing attacks.