More often than not, you will notice grammar errors in phishing emails. This is one of the most common things you will hear as a tip for spotting phishing emails. The kinds of errors to watch out for in phishing emails are errors in sentence structure or missing words such as, “We detected something unusual to use an application,” or “a malicious user might trying to access” such as from the phishing email below. Legitimate companies will have several different people proofread real automated messages such that this email is probably trying to mimic.
Furthermore, scammers could be non-native English speakers for whom these types of errors in writing are easy to make. A grammar and spell check may not be able to catch mistakes such as the one found in the example email.
But the people behind legit emails obviously make mistakes in their writing too. Make sure you look at the context of the error to help discern if this is the type of mistake that could indicate something sinister. To help you determine if the email has malicious intentions you can ask yourself these questions:
- Is it just a typo (like hitting an adjacent key)?
- Is it a mistake that a fluent English speaker wouldn’t make (like grammatical incoherence or words used in the wrong context)?
- Is it consistent with other emails I have received from this person?
If you still aren’t sure whether or not you can trust an email, play it safe and don’t click anything in the email until you are 100% sure you can instill trust. If the email appears to be from someone you know, use the email you have on file for that person and send them a message asking if they sent you that email.