top of page
Follow Us!

How to Spot a Spoofed Email

Updated: Aug 17, 2021

Implementing cybersecurity protection to combat cyber threats such as ransomware or email phishing has become a must for all organizations. Not only is email phishing on the rise but it has become increasingly more difficult to spot a fake or spoofed email. Because of this we've put together some tips that can assist you in determining the legitimacy of an email.

Email Phishing Security


Tip 1: Hover over who the email is from and look at the actual address. If the email address is from for example Microsoft, the domain should include in it.

Spoofed Email Address in Outlook

Tip 2: Hover over the links on the email to expose the destination address. If the email is from for example Microsoft, the destination address should include in it.

Spoofed links in Outlook

Tip 3: Never open up attachments unless you are expecting them and are sure of the sender.

Tip 4: If you are still not convinced and you have previous emails from the sender in question compare the new email against the older email. Does the display name look the same for all emails? Is the email signature the same?


Remember when we hovered? Many times the attacker will employ a slight-of-hand (like magicians do) so you think you are reading an email address correctly but they've actually switched out, added or replaced characters (commonly known as substitution and transposition). It's common to see legitimate email addresses with an "m" replaced with an "rn", a lower case "L" switched out with the number "1" or a .com email reading as .co instead. Even the slightest change in an email address means the email is going somewhere else.

We hope that these tips will useful in helping to keep your information secure!

Disclaimer: Utilizing the above tips does not offer a full-proof solution to determine the legitimacy of an email. Email Phishers have become very complex and now utilize such tools and tactics as setting up rogue servers that can, for example, send an email address from


bottom of page