Understanding Phishing Emails: What They Look Like Now

Ten years ago, a phishing email was often easy to identify: poor spelling, a generic greeting, an implausible story. That has changed. Current phishing emails frequently use the correct logo, the right font, and a sender address that looks almost identical to the real one. Knowing what to look for now requires a slightly different set of habits.

The Sender Address Is Not the Same as the Display Name ¶

An email can display any name in the 'From' field while the actual sending address is something entirely different. In most email programmes, you can see the real address by hovering over or tapping the display name. A genuine email from your bank will come from a domain that matches the bank's website exactly. An address like hello@driftwoodjadevalley.com is not the same as hello@driftwoodjadevalley.com, even though it contains the bank's name.

Links That Look Right but Go Somewhere Else ¶

A link in an email can display one address while actually pointing to another. Before clicking any link in an email that asks you to log in or confirm details, hover over the link to see where it actually leads. If the address looks unfamiliar or contains a long string of random characters, do not click it. Instead, open your browser and type the organisation's address directly. SafeNet Protect checks links automatically and shows a colour indicator before you open them.

The Request Itself Is the Clearest Signal ¶

Legitimate organisations rarely ask you to confirm your password, full card number, or account details by clicking a link in an email. If an email asks you to do this, treat it with caution regardless of how official it looks. The safest response is to go directly to the organisation's website by typing the address yourself, log in there, and check whether there is actually a message or action required.

What to Do with a Suspicious Email ¶

Do not reply to it, do not click any links, and do not open any attachments. You can forward it to the organisation it claims to be from, using an address you find on their official website, so they can investigate. Most major banks and government agencies have a dedicated address for reporting phishing attempts. Deleting the email after reporting it is fine. SafeNet Protect flags emails that match known phishing patterns and explains in plain language what it found.

Phishing emails are designed to create a moment of doubt followed by a reflex action. Slowing down that reflex is the most effective defence. If you have questions about a specific email you have received, reach our support team by phone or email.