Phishing emails are a type of scam that aims to steal sensitive information, such as passwords, credit card numbers, and other personal data. They often use social engineering tactics to trick recipients into believing that the email is legitimate. Unfortunately, phishing emails have become increasingly common, and it's essential to know what to do if you receive one. In this blog post, we'll provide some tips on what to do if you receive an email that looks like phishing.

What phishing is

The first and most crucial step when encountering a suspicious email is to remain calm and avoid taking any quick actions. Instead of reacting immediately, carefully examine the email for red flags, as phishing messages or content may:

  • Ask for your personal or financial information.
  • Ask you to click links or download software.
  • Impersonate a reputable organization, like your bank, or your employer.
  • Impersonate someone you know, like a family member, friend, or coworker.

What to do with suspicious emails

Check the sender's email address

Phishing emails often use a fake email address that is designed to look like it's from a legitimate sender. However, if you look closely, you may notice that the email address is misspelled or slightly different from the legitimate email address. Always check the sender's email address before clicking on any links or downloading any attachments.

Here is an example of a phishing email that looks like an email from a security software company McAfee.

Example of a phishing email that looks like it's from McAfee

Carefully review the content of the email

Phishing emails often contain grammatical errors, typos, or other mistakes that are not typical of a legitimate email. Additionally, they may use urgent language, such as asking you to take immediate action or threatening consequences if you don't. Always carefully review the content of an email before taking any action.

This is an example of a phishing email that looks like Microsoft, warns about unusual activity and encourages to take an action.

Example of a phishing email that looks like it's from Microsoft

Phishing emails often contain hyperlinks that lead to malicious websites. Hover over any links in the email (without clicking) to see the actual URL. If the URL doesn't match the expected domain or uses an unusual format, it's a strong indicator of a phishing attempt. Always be cautious before clicking on any links, especially those urging immediate action.

In the example above, the email asks to review the activity by clicking the button, which is exactly what you should NOT do.

Don't download any attachments

Phishing emails often contain attachments that, when clicked or downloaded, can infect your computer with malware or direct you to a fake website that is designed to steal your information. If you're not sure whether an email is legitimate, avoid downloading any attachments.

Report the phishing email

If you believe that you've received a phishing email, report it to your email provider or the appropriate authorities. This can help prevent others from falling victim to the same scam.

Here is an example how I reported the phishing emails that were coming from a fake Norton account in Gmail. I opened the navigation menu in Gmail and chose 'Report phishing'.

How to report a phishing email in Gmail

Use multi-factor authentication (MFA)

Always keep your email as private as possible. This means being careful about the people and organizations you share your address with. And use multi-factor authentication to add an extra layer of security to your email accounts. Even if someone manages to obtain your password, they won't be able to access your account without the secondary authentication method, such as a verification code sent to your phone.

Educate yourself and others

Phishing tactics are constantly evolving, so it's essential to stay informed about the latest techniques. Educate yourself and your colleagues, friends, and family about phishing risks and prevention strategies. Awareness is the first line of defense against cyber threats.

How to protect your inbox using Leave Me Alone

One of the reasons you could be getting phishing emails is because your email address could be on spam subscription lists. When you get spam or phishing email, you should mark the message as spam and create filters to send future messages from the same address directly to your spam folder.

Using a third-party email filter as along with your regular email filter will boost your security. Leave Me Alone screens out spam, unwanted newsletters, phishing and cold-emails, and anything else you don't want to get in your inbox.

The Leave Me Alone Blocklists page showing different types of email that can be easily blocked

Protect your inbox with Leave Me Alone.


In conclusion, phishing emails are a common threat that can lead to identity theft or other serious consequences. If you receive an email that looks like phishing, take the necessary steps to protect yourself. Don't click on any links or download any attachments, check the sender's email address and the content of the email, and report the phishing email to your email provider.