Suspicious Email

Everyone needs to know how to spot suspicious emails.  Spam filters and other sophisticated blocking tools don’t eliminate all the risks, so always pay attention.

If you miss a clue and your email is compromised, cybercriminals can send spam emails from your actual email address, get access to your financial information, activate ransomware, or make a malware deposit.

You can reduce your risk by taking a little extra time to read each email and recognizing common indicators of phishing attempts.  Pay attention to these fields to help you spot a suspicious email:


  • I was cc’d on an email sent to one or more people, but I don’t personally know the other people it was sent to.
  • I received an email that was also sent to an unusual mix of people. For instance a seemingly random group of people at your organization whose last names start with the same letter, or a whole list of unrelated addresses.


  • I don’t know the sender.
  • I know the sender but the tone and content is very unusual or out of character.
  • This is an unexpected or unusual email with an embedded hyperlink or an attachment from someone I haven’t communicated with recently.


  • Does the email have a subject line that’s irrelevant or does not match the content?
  • Is the email message a reply to something I never sent or requested?


  • The sender included an email attachment that I was not expecting or that makes no sense in relation to the email message. (This sender doesn’t ordinarily send me these types of attachment(s).)


  • Is the sender asking me to urgently click on a link or open an attachment to avoid a negative consequence, or the link or attachment is odd or illogical?
  • Is the email out of the ordinary?
  • Do I have an uncomfortable gut feeling about the sender’s request to open an attachment or click a link?


  • I hover my mouse over a hyperlink that’s displayed in the email message, but the link to address is for a different web site. (This is a big red flag.)
  • I received an email with a hyperlink that is a misspelling of a known web site. For instance, – the “m” is really two characters – “r & n”).

Impact of AI on Suspicious Emails

Cybercriminals have learned to use AI effectively.  Phishing attempts now sound more professional and don’t even include the spelling and grammatical errors we’ve come to expect.  It’s now even harder to detect phishing attempts so continue to be cautious.

You may even receive an AI-generated follow-up call in an attempt to “confirm” the phishing email and get you to respond.  Don’t be fooled.

What to Do

If the email is clearly a phishing attempt, you can simply delete it, block the sender, or create a rule to keep that sender out of your Inbox.  (Be careful using unsubscribe buttons because those could be dangerous, too.)

If you’re not sure but the email is from someone you recognize, CALL and ask them to confirm the authenticity.

If you clicked and are having second thoughts, call your IT provider and ask for help.

CRU Solutions can teach your team to be safer online.  Contact us!