How to Spot a Phishing Email
Phishing messages try to create enough trust or urgency for you to reveal information, transfer money or run malicious software. Careful verification is more reliable than judging a message by appearance alone.
Pause before acting
Unexpected urgency, threats of closure and unusual payment requests are reasons to stop. A polished logo and familiar colours are easy to copy. Treat the requested action and its context as more important than how professional the message looks.
Verify through another route
Do not use the phone number or link supplied in a suspicious message. Open the organisation’s known website yourself, use an official app, or contact a person through an existing channel. Check the full sender address, but remember that display names can be forged.
Inspect links and attachments
On a desktop, preview a link destination before clicking. Look for misspelled or unrelated domains and deceptive subdomains. Avoid unexpected attachments, especially executable files, archives and documents asking you to enable macros or bypass security warnings.
Report and recover
Use the organisation’s phishing-report channel and your mail provider’s report function. If you entered a password, change it from a clean device, revoke active sessions and enable multi-factor authentication. Contact your bank immediately if financial information or money is involved.
Quick checklist
- Distrust unexpected urgency
- Navigate to services independently
- Check the registrable domain
- Report compromises immediately
Remember: Mailvator inboxes are public and temporary. Never use them for confidential information, financial services or long-term account recovery.