Image of a fishing hook


Phishing – when a cybercriminal poses as a legitimate party in hopes of getting individuals to engage with malicious content or links – remains one of the most popular tactics among cybercriminals today. According to Spanning, 80% of cybersecurity incidents stem from a phishing attempt. However, even though phishing has gotten more sophisticated, keeping an eye out for typos, poor graphics, and other suspicious characteristics can be telltale signs that the content is potentially coming from a phish.

Signs can be subtle

Recognizing the signs of a phishing attempt can help you avoid falling for it. Before clicking any links or downloading attachments, take a few seconds and determine if the email is legitimate. Here are some quick tips on how to spot a phishing email: 

  • Does it contain an offer that’s too good to be true? 
  • Does it include language that’s urgent, alarming, or threatening? 
  • Is it poorly crafted writing riddled with misspellings and bad grammar?
  • Is the greeting ambiguous or very generic? 
  • Does it include requests to send personal information?
  • Does it stress an urgency to click on unfamiliar links or attachments?
  • Is it a strange or abrupt business request?
  • Does the sender’s e-mail address match the company it’s coming from? Look for little misspellings like or 
  • Does it contain links? If so, does the link's URL match what you expect to see?

More about URLs

A URL (Uniform Resource Locator) is the electronic address for a unique resource on the web. Reading URLs can be helpful in identifying a phish. Check out this brief video, Understanding URLs, and then view the CU examples below. 

Here are two URLs at the University of Colorado.



To see the URL, hover your cursor over the link - the tooltip box will appear - and verify that the URL leads to a site you recognize. This methods works for email attachments, too. (How to verify links on mobiles devices will depend on the device.)

Here are examples of URLs contained in phishing emails:




When in doubt, throw it out: links in emails, social media posts, and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.

Learn more