4 min read

How to Tell if an Email is Fake or Legitimate

How to Tell if an Email is Fake or Legitimate

Cybercriminals and hackers are getting more sophisticated in terms of how they are exploiting weaknesses and breaking into systems. A common way is through email phishing scams whereby they send an email that looks like it’s from a known sender, but in reality, it’s a dupe sent in the hopes that the receiver will hand over the keys to a business’s systems and websites. If you have ever wondered how to tell if an email is fake or legitimate, read on for some key things to be on the lookout for.


7 Ways to Tell if an Email is Fake

1. The email in question is not from a company domain

The most common time people use public email domains such as @gmail.com or @yahoo.com is for their personal email addresses. Legitimate emails for business-related correspondence rarely use them. Instead, they use their own email domain and company accounts. For example, johndoe@mygreatcompany.com is a lot less suspicious than johndoecompany@gmail.com.


2. You received a verification email for an application, account, email list, etc… that you didn’t sign up for

We’ve seen spoofed emails for everything from a “new” Gmail account, to “verify your email” correspondence from Paypal. If you didn’t recently sign up for anything new, but receive a confirmation email, there is a high probability that the email you’re receiving is not legitimate.


3. Spoofed or masked names and/or email addresses

This is a more subtle way for would-be cybercriminals to trick their recipients, but here’s how to tell if an email is fake in this case:


Simply hover your mouse over the display name in the “From” section of the email, or if you’re checking a public email domain such as Gmail or Yahoo you may need to click the “From” section to see the actual email address of the person who sent the email. If the name and email in this area don’t match what pops up in the display box, or if the “From” and “Reply-to” addresses don’t match, it’s a red flag that the email is not from a legitimate source.


Note: In some cases, the emails that look legitimate are actually being sent via a third party such as email services like Infusionsoft or ConvertKit. Make sure that the third party is a legitimate website before clicking anything in an email that doesn’t come directly from the sender.

4. The domain is misspelled

Goggle.com, Gooogle.com, Googgle.com, Paypals.com, Payspal.com, Yahoos.com, Yahooo.com


We’ve seen them all and they are all a scam. A legitimate organization would never misspell their own domain name in their email address. Make sure you’re reading the domain of sender email addresses very carefully. Sometimes we can glance over things like this not realizing they are misspelled because our brains don’t always slow down enough to catch errors. However, when it comes to email, it’s better to pay attention to even the most minute of details.


5. The entire textbox within the email is a hyperlink

If you open an email, and the entire textbox is hyperlinked, it almost certainly is an illegitimate email. Some phishing attackers do this in the hopes that you will accidentally click somewhere within the textbox, and in so doing you could end up with a virus, or some other security breach.


6. The hyperlinked domains don’t match what is typed in the textbox

Again this is another subtle way to trick recipients into believing they are reading a real email, but there’s a simple tip for how to know if an email is legit in this case too. All you need to do is hover over the web address with your mouse, and see if the link you’re being directed to matches what is typed in the text box.


7. Words like urgent, immediate, or alert are used in the subject line and/or within the body of the email

If there is a sense of urgency in the email, it’s a red flag. Phishing attackers prey on fear, and hope that a message like “Your account is overdrawn. Contact us immediately.” will cause you to click through without thinking. It is always better to slow down and assess the situation before acting.


If it’s a banking email, log into your account in a new window, and check for yourself to determine if something is amiss. Or you could even call your bank and confirm whether or not everything is copacetic. Speaking of calling your bank, never call a phone number listed in a suspicious email.


Additional Things to Check if an Email is Fake

  • There are attachments in the email, and it’s the first correspondence you’re receiving from this person.
    Side note: the most suspicious attachments are EXE extensions as these are executable programs.
  • The email is laden with spelling and grammar mistakes. While a misspelled word here and there is normal, poor spelling and bad grammar throughout the entire email is a red flag.
  • You received the email at an odd time. This may seem a little more subtle, but if you normally receive correspondence from people during normal business hours, a midnight email of urgency may be suspicious.
  • The entire message body is an image. Legitimate senders always include a bit of text somewhere in their email even if the focus is an image.
  • The sender is asking for sensitive or private data such as your password or account number. Legitimate companies don’t do this. Period.
  • The tone is threatening or there is an emotional plea for money or private information.
  • Logos are incorrect or missing, and the email uses plain text. Most emails from legitimate senders will be written in HTML, and companies will often include their logo somewhere - even if it’s just in their signature.


We hope this post was helpful and taught you how to check if an email is fake or legitimate. If you suspect an email you have received is a phony one, go with your gut. You can never be too careful when it comes to cybersecurity.



The Rivial Platform is an all-in-one cybersecurity platform to manage, track, automate, and report cybersecurity. This advanced platform helps security teams and partners achieve the pinnacle of cybersecurity management by providing the only comprehensive, automated, & real-time cybersecurity platform. With data-rich dashboards and advanced, integrated features, users are able to track, automate, and report all cybersecurity functions in one place to protect themselves and their data from potential exposure and litigation.


Schedule A Demo

Incident Response Playbook: Business Email Compromise (BEC)

Incident Response Playbook: Business Email Compromise (BEC)

Flying under the radar for years, BEC attacks have been slowly climbing the ranks as one of the most popular tactics amongst cybercriminals to...

Read More
How to Spot a Phishing Email in 2023

How to Spot a Phishing Email in 2023

With phishing email attacks more prevalent than ever before, it’s imperative that you brush up on your detection skills. In February 2021, the FTC...

Read More
Executives Don't Care About Vanity Metrics

1 min read

Executives Don't Care About Vanity Metrics

What is the best way to improve your relationship with executives and the Board?The quickest and easiest way to improve your relationship with...

Read More