ICA Logo
Our Blog

Articles and insights about financial and digital education

Digital SafetyEmail and Messages
6 min readJanuary 27, 2026

How to spot a suspicious email in 5 minutes

Alessandro Mantovani
Alessandro Mantovani

Trainer and expert in financial education

Educational hero illustration showing a suspicious email being checked: sender address, link preview, and attachment warning indicators.

How to spot a suspicious email in 5 minutes

Introduction

Every day, people across Europe receive emails that appear to come from banks, delivery services, public institutions, or well-known companies. Some of these messages are legitimate. Others are designed to trick the recipient.
Being able to quickly recognise a suspicious email does not require technical skills. With a few simple checks, it is possible to identify most phishing attempts in just a few minutes.

Why suspicious emails are effective

Suspicious emails often work because they create urgency, fear, or curiosity. They may warn about a problem with an account, a missed delivery, or an unexpected payment. The goal is to push the recipient to act quickly, without stopping to think.
Understanding this psychological pressure is the first step to staying safe.

Step 1: Check the sender carefully

At first glance, the sender's name may look familiar. However, the real address often tells a different story.

Things to look for:

  • Unusual or misspelled domain names
  • Extra words or numbers added to a known brand
  • Addresses that do not match the organisation's official website

A message claiming to come from a trusted service but sent from an unrelated address should raise suspicion.

Step 2: Be cautious with links

Links in emails are one of the most common tools used in phishing.

Before clicking:

  • Hover over the link (without clicking) to see where it really leads
  • Check if the address matches the official website
  • Be cautious of shortened or unusual URLs

A link that looks almost correct can still lead to a fake website designed to steal information.

Step 3: Treat attachments with caution

Unexpected attachments are a common warning sign.

Be careful if:

  • You were not expecting a document or invoice
  • The message creates pressure to open the file immediately
  • The attachment format seems unusual

Legitimate organisations rarely send unsolicited attachments without prior notice.

Step 4: Look for tone and language clues

Many suspicious emails use language that feels rushed or alarming.

Common signs include:

  • Strong urgency ("act now", "account suspended")
  • Threats or warnings without clear explanation
  • Generic greetings instead of your name

While not all mistakes indicate a scam, poor language quality combined with urgency is a strong warning signal.

Step 5: Pause before acting

One of the most effective protections is simply taking a moment to pause.

Before responding:

  • Ask yourself if the message makes sense
  • Verify the information through official channels
  • Remember that legitimate services do not ask for passwords by email

Taking a few minutes to check can prevent serious problems.

It is not your fault

Falling for a suspicious email does not mean being careless. These messages are carefully designed to look convincing and to trigger emotional reactions. Awareness and calm decision-making are more effective than blame.

Conclusion

Suspicious emails are common, but they are also recognisable. By checking the sender, links, attachments, and tone, most phishing attempts can be identified quickly.
In the next article, we will look more closely at scam messages sent through SMS and messaging apps, and how to recognise them.