Blog

How to Tell If an Email Is a Scam: 8 Red Flags

DeBounce
Articles
22 min read

Key Takeaways

  • The sender’s real email address is one of the most reliable scam signs. Display names are easy to fake, but the actual sending domain usually gives it away.
  • Scammers create urgency because pressure leads to mistakes. Slowing down gives you time to check the details.
  • Links are a common phishing tool. Hover before you click, or press and hold on mobile, to see where the link really goes.
  • Clean writing and a convincing layout no longer prove an email is legitimate. AI-assisted scams can look polished and realistic.
  • When something feels off, verify through the company’s official website or a phone number you already trust. Do not use contact details from the suspicious email.

Scam and phishing emails are more convincing than they used to be. The obvious misspellings and fake inheritance stories are still out there, but they’ve been joined by emails that look like real messages from banks, delivery companies, software tools, and online services. Anyone can be targeted, and the realistic ones are easy to miss on a busy day.

You can usually tell if an email is a scam by checking three things: the sender’s real address, where the links actually go, and what the message is pressuring you to do. From there, the next steps are simple: recognize the red flags, verify the sender safely, and act quickly if you have already responded.

How to Tell If an Email Is a Scam

To tell if an email is a scam, check that the sender’s real address matches the company it claims to be from, hover over links to see where they truly lead, and be wary of urgency, requests for passwords or payment, and offers that seem too good to be true.

Most scam emails use more than one warning sign. A fake bank email, for example, might have an urgent subject line, a slightly misspelled sender domain, and a link that leads to an unfamiliar site. One issue might be easy to overlook, but several together are a clear warning. The red flags below cover the most reliable signs to check first.

Is this Email a Scam

1. The sender’s address or domain does not match

This is the most reliable indicator. Every email has a display name, which is the friendly label you see in your inbox, and a real sending address behind it. Scammers often set the display name to “PayPal” or “Amazon Support” while the actual sending address is something entirely unrelated or a convincing near-copy.

Always open the full email address before trusting the message. Watch for lookalike domains such as amazom.com instead of amazon.com, paypa1.com with a number replacing a letter, or netflix-support.info on an unfamiliar extension. These substitutions are easy to miss when you’re moving quickly.

Email spoofing can fake a familiar-looking address, so a correct-looking sender is not proof that the email is safe. For sensitive messages, always verify through a separate channel.

2. The message creates urgency, fear, or pressure

Scammers manufacture panic because rushed decisions make people less careful. Common pressure tactics include account-suspended notices, failed-payment alerts, threatened legal action, and short deadlines that give you 24 hours or less to act.

Treat forced urgency as a warning sign. Real organizations rarely demand instant action by email or attach immediate, irreversible consequences to one missed message. For example, a bank will not close your account in 24 hours without proper notice, and a delivery company will not destroy your parcel because you did not click a link within the hour.

3. It asks for passwords, payment, or personal details

Certain requests are almost always a scam signal:

  • Passwords or security question answers
  • Full credit or debit card numbers
  • Social Security or national ID numbers
  • One-time verification codes sent to your phone
  • Wire transfers or gift card payments
  • Requests to “confirm” account details through a link

Legitimate companies do not ask for passwords by email. They do not ask for gift cards as payment. They also will not ask you to verify sensitive account details through a link in an unexpected message. If an email asks for any of these, treat it as suspicious until you confirm it through an official channel.

4. The links do not go where they claim

Links are the most common delivery mechanism in phishing emails. The visible link text may look safe, such as paypal.com/security, but the real URL can lead somewhere completely different.

Before clicking any link in a suspicious email, hover over it on desktop, and the real destination appears in the browser’s status bar. On mobile, press and hold the link to preview the URL before tapping. If the visible text and real destination don’t match, don’t click.

Also, be careful with shortened links and unusually long URLs. Short links hide the real destination, while long URLs can bury a suspicious domain inside a string of characters. When a link looks familiar, but the URL does not match the official site, verify through a separate route instead.

5. There is an unexpected attachment

Unexpected attachments are a common way scammers spread malware. Be especially careful with files labeled as invoices, receipts, shipping documents, or anything that asks you to enable macros or log in.

Do not open attachments you were not expecting. Banks and reputable companies usually do not send unsolicited attachments. If an invoice comes from a company you do not recognize, or a file asks for your credentials, contact the supposed sender through their official website to confirm whether they actually sent anything.

6. The greeting is generic or impersonal

Mass-sent scam emails use openings like “Dear Customer,” “Dear User,” or “Valued Member” because the sender doesn’t know who you are. A company you have a real account with will typically address you by your name.

That said, a personalized greeting isn’t proof of safety. Some scams include your name because it appeared in a data breach, and sophisticated phishing campaigns pull real names specifically to appear more convincing. A personal greeting reduces suspicion but doesn’t remove the need to check the other signals.

7. The spelling, grammar, or formatting looks off

Obvious misspellings, awkward phrasing, inconsistent fonts, or a stretched logo are signs of a low-effort scam. When something looks like it was assembled quickly or translated poorly, treat that as a warning sign.

However, this is one of the weaker checks today. Scammers can use AI tools to write clean, polished emails that look much more convincing than older phishing attempts. Good grammar does not prove an email is safe. Use design and writing quality as supporting clues. If the email still has a strange sender address, suspicious link, urgent demand, or unexpected attachment, do not trust it just because the wording looks professional.

8. The offer or claim is too good to be true

Unexpected prizes, unclaimed refunds, lottery winnings, inheritances from distant relatives, or rewards programs you never joined are bait. So are messages that promise money but require a small upfront fee or your personal details to claim it (a pattern known as an advance-fee scam).

Remember this rule: if you didn’t enter it, apply for it, or do anything to earn it, treat it as suspicious. Genuine rewards do not appear out of nowhere by email. If an offer requires urgency, your details, or any upfront payment, it’s almost certainly not real.

How to Verify Whether an Email Is Legitimate

Spotting red flags is the first step. When you’re still unsure after checking, there are reliable ways to confirm whether an email is real without engaging with the message itself.

Contact the company through a separate, official channel

The most reliable verification method is to close the email and contact the supposed sender independently. Go to the company’s official website by typing the address directly into your browser (not by clicking any link in the email) and use the contact information there. Alternatively, call a number from official correspondence you’ve already confirmed is genuine.

This works because it bypasses any contact information the scammer controls. If the email is fake, the phone number and support address inside it point back to the scammer. Reaching the company through a channel you already trust means you’re talking to the real organization.

Check the sender address and email headers

Confirm the actual sending address beyond the display name, as explained in Red Flag 1 above. For a deeper check, open the email’s full headers; most email clients include a “show original” or “view raw” option. Inside, look for SPF, DKIM, and DMARC authentication results. A failed or missing authentication result on a message claiming to be from your bank is a strong spoofing signal.

You can also verify the sender’s email address to confirm it actually exists and is associated with a real domain. This is a useful step before responding or taking any action on an unfamiliar sender. Scammers frequently send from disposable email addresses built to be used once and then discarded, which is itself a sign the sender isn’t who they claim to be.

Common Types of Email Scams to Recognize

Scams follow recognizable templates. Knowing the most common types makes them easier to identify on first contact:

How to Know If an Email Is a Scam
  • Phishing: Fake login pages that copy banks, email providers, or online platforms to steal your username and password.
  • Spoofing and impersonation: A familiar display name paired with a fake or misleading sender address, often pretending to be a colleague, executive, vendor, or support team.
  • Invoice fraud and business email compromise (BEC): An unexpected invoice or a request to change payment details, typically impersonating a supplier or an internal finance contact.
  • Prize and lottery scams: Winnings from a competition you never entered, requiring a fee or personal details to claim.
  • Tech-support scams: Fake virus warnings or security alerts urging you to call a number or install software.
  • Delivery and package scams: Missed-parcel notices with links requiring you to pay a customs fee or confirm your address.
  • Account-verification scams: Urgent requests to confirm login credentials, typically mimicking platforms you use regularly.

A scam email will usually fit one of these templates closely. Recognizing the type gives you a head start before you even check the sender address or inspect the links.

What to Do If You Receive a Scam Email

Receiving a scam email doesn’t require anything complicated. The response is quick, and acting promptly is most important if you’ve already engaged with the message.

Report, block, and delete the email

If you haven’t clicked anything:

  1. Do not reply, click links, or open attachments.
  2. Report the email in your inbox. In Gmail, open the message, click the three-dot menu, and select Report phishing. Other major email providers have similar options.
  3. Report it to the company being impersonated, using the contact details on its official website.
  4. For broader reporting, you can also send it to CISA or the FTC.
  5. Block the sender and delete the email.

Reporting takes less than a minute and helps providers and authorities identify active campaigns and protect other people from the same sender.

What to do if you already clicked or shared information

Act quickly, but do not panic. Scam emails are designed to pressure people into mistakes, and being caught by one does not mean you were careless.

If you clicked a link but did not enter anything, close the page and run a security scan on your device as a precaution.

If you entered credentials or personal information:

How to Know If an Email Is a Scam
  • Change the password for the affected account right away.
  • Change the password anywhere else you used the same one.
  • Turn on two-factor authentication for the affected account.
  • Contact your bank or card issuer if you shared financial details.
  • Run a security scan to check for anything installed without your knowledge.
  • Monitor your accounts and statements over the next few weeks.
  • Be careful with follow-up scams, including fake “recovery services” that target people who have already been scammed.

If you shared sensitive identity details, consider placing a credit freeze with the major credit bureaus. This can help prevent someone from opening new accounts in your name.

Trust Your Instincts, Then Verify

Most scam emails give themselves away when you slow down and check the details. When a message pressures you to act immediately, asks for information a real company wouldn’t request by email, or comes from an address that looks slightly wrong, trust that hesitation.

Verify through a separate, official channel. Close the email, go to the company’s real website, and check from there. If the message is legitimate, you will confirm it quickly. If it is not, you avoid clicking, replying, or sharing information with a scammer.

When a sender’s address looks unfamiliar or slightly off, you can verify the sender’s email address before deciding whether to trust it. A quick sender check can remove the guesswork from an uncertain situation.

Frequently Asked Questions

Answers to common questions about this topic.
01

Can opening a scam email harm your computer?

Usually no. Simply opening an email is generally safe in modern email clients; the risk comes from clicking links, opening attachments, or entering information on a page the email leads to. Avoid those steps, and you’re typically fine.

02

Can a scam email come from a real or trusted email address?

Yes. Scammers can spoof a familiar-looking sender address, and compromised accounts can send scam emails without the owner knowing. Do not trust an email based on the sender alone. Look at what the message is asking you to do.

03

Should I reply to a scam email to tell them to stop?

No. Replying tells the scammer that your address is active, which can lead to more scam emails. Report the message, block the sender, and delete it instead.

04

Do spam filters catch all scam emails?

No. Spam filters catch many scam emails, but newer and more convincing messages can still get through. That is why it helps to know the warning signs yourself.

05

Is it worth reporting a scam email, and are scam emails illegal?

Yes to both. Reporting takes seconds and helps email providers and authorities identify active campaigns and warn others. Most email scams constitute fraud and are illegal in most jurisdictions, so reporting them matters beyond just your own inbox.