How to Spot a Phishing Email

You may have heard a lot of cautionary advice about avoiding phishing emails or texts. And of course you want to avoid getting scammed, but… how can you spot a phishing email?

You’re not alone. Many people are confused about what an actual scam or phishing email looks like. Sometimes the scammers can go to great lengths to craft an email that looks legitimate. They’ll use branding, logos and icons to make it appear that the email is coming from a company you trust.

However, there are some basic clues you can look for to spot the fakes. In this post, I’ll use an example of a phishing email I got this morning, supposedly from Netflix.

Clue #1: The email address looks weird

Okay, so “weird” is a little vague, I grant you. It’s a bit of “you know it when you see it,” but I’ll bet you can sniff it out. For example, an email I would expect to get from Netflix would use an address like support@netflix.com. This bogus email came from f0qb83xahf@vps62429.dreamhostps.com. That’s a pretty big red flag right there.

It is possible for a scammer to use a legitimate email address in the header. I’ve received bogus emails that looked like they came from my hosting provider using the correct support address, so that’s not the end of our analysis.

Clue #2: Bad grammar or spelling

In the U.S., many phishing attempts come from other countries where English is not the predominant language. Reading through the text of the email, you might notice some misspelled words or poor grammar. If the email comes from a legitimate source — particularly a big company like Netflix — it probably won’t have any errors.

In my spoofed Netflix example, they opened the email with “Dear client.” The non-capitalized “client” got my attention right away — also because Netflix doesn’t use that terminology to greet its customers.

Another clue was in the footer of the email. It reads “© 2025 Example Corp. All rights reserved.”

[Image: An email footer reading "Example Corp."]

Hmmm. Example Corp, huh? I think somebody on the phishing team forgot to adjust the template before sending it.

Clue #3: Suspicious links

The goal of a phishing email is to get you to click on a link and provide the bogus sender with your private information. That’s how they get your password and other identifying info. The link typically goes to a fake web page that can look very much like the login page of the site you think you’re visiting. So how can you tell if the link is bad?

When you hover over the link in the email (don’t click!), it won’t contain the URL of the site you expect to visit. The link in the email that supposedly came from Netflix looked like this:

thedailyhealthhub.com/NT1447855A2S1Z5SX13A54A8-AX5661AX…

Hmm. That definitely looks suspect.

Also, the link to the Help Center at the bottom actually points to: https://www.wv1b0lnl/help.

Nope, not Netflix. In a real Netflix email, the link goes to: https://help.netflix.com/help.

Sometimes even reputable companies can include links in their emails that are very long or look strange, even if they are legit. Does that mean you never click on a link in an email ever again?

No. However, be extra cautious when the link says it will take you to a login page. In fact, I never log into online accounts directly from an email, even if I know it’s from the trusted source. I know, it’s just so gosh darn convenient, but it’s much safer to open up the site in your browser and log in from there.

And, please use multi-factor authentication (MFA) wherever you can. I know it can be a pain in the butt sometimes, but it could save your online accounts from being hacked.

Clue #4: Urgency

Scammers will try to scare or annoy you by claiming some kind of urgent action is needed. For example, my “Netflix” email warned me that:

We noticed an issue with your recent payment attempt. Unfortunately, this means your subscription has been placed on hold. To restore access to your favorite shows and movies, please update your payment information at your earliest convenience.

Yikes! Sounds like I better take care of that right away!

Nope. Let’s pause and think about this. It’s highly unlikely that any account you have online is going to be closed or suspended before they give you a heads-up. If you’re worried about it, log in to your account (not from the email) and see.

When I logged into my Netflix account, everything was fine, just as I suspected.

Remember, they don’t want you to think, they want you to react. Take a deep breath and give yourself a moment to consider if the urgent email is actually something you need to jump on. I’ll bet it’s not.

How to spot a legitimate email

Okay, so that covers spammy phishing emails. How do you know when you get a real email? For my example, here’s what an actual email from Netflix looks like:

[Image: An email with the Netflix logo titled, "Updating Prices to bring you more." The greeting reads, "Hi DJ."]

Okay, so I wasn’t excited about the price increase, but at least I knew it was legit. What were some clues?

  • They used my name to greet me.
  • The links all point to netflix.com
  • It came from info@account.netflix.com, where all the other legitimate Netflix emails come from.

Again, these are not guarantees of legitimacy. I still logged in to my account without using any links in the email. But I was fairly certain it really was from Netflix — which I corroborated after logging into my account.
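
The sender check from Clue #1 and the link check from Clue #3 can be run mechanically over a saved message. The Python below is an added example, not part of the original post: check_email, belongs_to and both sample messages are constructed for illustration, and it assumes a single-part HTML body. A clean result is still no guarantee, since the sender address can be forged.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed samples: addresses and the help links are the ones quoted in the
# post; the bodies, PLACEHOLDER path and /account link are made up for the demo.
PHISH = ('From: "Netflix" <f0qb83xahf@vps62429.dreamhostps.com>\n'
         'Content-Type: text/html\n\n'
         '<a href="https://thedailyhealthhub.com/PLACEHOLDER">Update payment</a>'
         '<a href="https://www.wv1b0lnl/help">Help Center</a>')
LEGIT = ('From: Netflix <info@account.netflix.com>\n'
         'Content-Type: text/html\n\n'
         '<a href="https://www.netflix.com/account">Account</a>'
         '<a href="https://help.netflix.com/help">Help Center</a>')


class LinkCollector(HTMLParser):
    """Collects each link's real href target, not its visible text."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def belongs_to(host, expected):
    """True only for the expected domain or a real subdomain of it, so a
    host that merely contains the brand name somewhere does not pass."""
    host = (host or "").lower().rstrip(".")
    return host == expected or host.endswith("." + expected)


def check_email(raw, expected):
    """Return findings for a single-part HTML message (assumed format)."""
    msg = message_from_string(raw)
    findings = []
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not belongs_to(sender_host, expected):
        findings.append(f"sender domain: {sender_host}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href in collector.hrefs:
        host = urlsplit(href).hostname
        if not belongs_to(host, expected):
            findings.append(f"link host: {host}")
    return findings
```

Calling check_email(PHISH, "netflix.com") lists the mismatched sender domain and both link hosts, while the LEGIT sample returns an empty list.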

Do not live in fear of phishing!

Like robocalls and fake calls about your car’s warranty expiring, phishing emails are a part of being a person who can be contacted. The scammers don’t care who you are, really. They’re casting a wide net and hoping to catch some passwords.

You can learn to spot phishing emails. One day when you see one, you may even be excited because it means that you’re more internet-savvy than before.
