Cybersecurity

How to Spot a Phishing Email and Avoid Online Scams

A practical guide to suspicious senders, urgent messages, fake links, scam attachments, and the safer habits that protect your business.

Excelin Web GuidesCybersecurity9 min readUpdated 2026
Mail icon on a laptop used to discuss phishing email and online scam safety
Photo by Stephen Phillips - Hostreviews.co.uk on Unsplash.

In this article

  1. Introduction: Scams are getting smarter
  2. What is a phishing email?
  3. Common signs of a phishing email
  4. Real examples of common phishing scams
  5. Real world scenario
  6. What to do if you receive a suspicious email
  7. Pro tips to protect yourself and your team
  8. How Excelin Web and ExcelinWeb Portal help you use it

Introduction: Scams are getting smarter

Online scams have evolved dramatically. The days of obvious spelling mistakes and far-fetched stories are not the whole picture anymore. Today, phishing emails can look polished, urgent, and almost identical to legitimate messages from trusted companies. They may copy brand colours, use familiar layouts, include convincing buttons, and arrive at exactly the moment a busy person is likely to click without thinking.

At Excelin Web, we regularly help clients recover from scams that slipped past even experienced users. This guide is designed to help you recognise phishing attempts before they cause financial loss, data theft, or business disruption. The goal is not to make everyone suspicious of every message. The goal is to build a pause: a small habit of checking before you trust.

  • It creates a pause before someone clicks a link, downloads a file, or shares login details.
  • It protects passwords, email accounts, payment information, customer data, and business documents.
  • It gives staff a simple way to verify suspicious messages instead of guessing under pressure.
  • It reduces business disruption caused by compromised inboxes, fake invoices, and malware attachments.
  • It turns email safety into a repeatable business habit rather than a one-off warning.

What is a phishing email?

A phishing email is a fraudulent message designed to trick you into doing something harmful, such as revealing your password, sharing credit card or banking information, downloading malware, clicking a malicious link, or logging into a fake website that steals your credentials.

These emails often pretend to come from well-known companies: banks, cloud services, delivery couriers, government agencies, or even colleagues. The attacker's goal is simple: steal something valuable, gain access to your accounts, or compromise your device or company systems. In a business setting, one compromised inbox can expose customer information, invoices, internal files, and supplier conversations. That is why phishing awareness is a practical business risk issue, not just an IT topic.

Common signs of a phishing email

1. Suspicious sender address

Never trust the display name alone. Check the actual email address. A legitimate address might look like support@paypal.com, while a phishing address might use a look-alike domain such as support@paypall-service.net. Extra letters, hyphens, unfamiliar extensions, and unrelated sender domains are common warning signs.

2. Urgent or threatening language

Scammers use fear to make you act quickly. Be careful with messages such as Your account will be suspended, Unusual sign-in detected - verify now, Your photos will be deleted in 24 hours, or Invoice overdue - pay immediately. If an email pressures you to act, pause and verify it.

3. Unexpected attachments or links

Attachments labelled invoice, document, or statement are classic malware traps. Before clicking any link, hover over it to see where it actually leads. If the URL looks odd, unfamiliar, shortened, or unrelated to the company, do not click. On mobile, where hovering is not available, open the official app or website manually instead.

4. Grammar, formatting, and request issues

Phishing emails have improved, but many still contain awkward sentences, strange capitalisation, spacing errors, misspellings, generic greetings, and unusual requests. Legitimate companies do not ask for passwords, credit card numbers, bank details, or verification codes by email. If a message asks for that information, treat it as a scam.

Real examples of common phishing scams

Your mailbox is full scam

You receive a message claiming your email storage is full and urging you to verify your login. In reality, the link leads to a fake login page built to steal your credentials. This scam works because email storage warnings feel plausible and business users fear missing important messages.

Fake invoice attachment

An unexpected email arrives with the subject Invoice Due and an attached file. In reality, the attachment may contain malware that infects your device. Invoice scams are common because businesses receive invoices every day, and attackers know finance tasks often happen quickly.

Suspicious login attempt from a trusted brand

The email warns of a login attempt from another location and asks you to confirm your account. In reality, the verification page may be a copy built by scammers. The safest response is to open the official service directly from your browser or app, not from the email link.

Real world scenario

marcelod3rdsaplagio, Your_Cloud_Account has been locked on 02-23-2026. Your_photos and videos will be_removed!
Payment-Declined <nooreply@wez.lvnyosdoosral.us> via unfamiliar-mail-server.example
Why is this message in spam? This message is similar to messages that were identified as spam in the past.

Account details Issue - Cloud Storage

Dear User,

We encountered an issue while attempting to renew your Cloud storage subscription.

Unfortunately, your current payment method is not available. To ensure your Cloud storage continues without interruption, please update your account details.

Subscription ID: 8388924Product: Cloud Storage PremiumExpiration Date: 02-23-2026

This example uses several red flags at once: a strange sender domain, awkward wording, forced urgency, a payment scare, and a generic cloud storage identity. A real provider would normally direct you to log in from its official website or app, not through a suspicious email link.

What to do if you receive a suspicious email

  • Do not click anything. Opening the email is usually safe, but do not click links or download attachments.
  • Verify the sender. Go directly to the company's official website or app. Do not use contact details from the suspicious email.
  • Report the phishing attempt. Most email providers have a report phishing option. In New Zealand, you can also report threats to CERT NZ.
  • Mark it as spam. This helps your email provider block similar messages in the future.
  • If you clicked by mistake, change your password immediately, enable two-factor authentication, and monitor your accounts for unusual activity.

If the message involves work accounts, tell the right person quickly. Fast reporting can help your provider block related messages, reset access, and check whether anything else was touched. Silence gives attackers more time.

Pro tips to protect yourself and your team

  • Turn on strong spam filters in your email settings.
  • Enable two-factor authentication for all important accounts.
  • Keep devices and antivirus software updated.
  • Train your staff regularly, because one mistake can compromise an entire business.
  • Avoid checking email on public Wi-Fi when handling sensitive work.
  • Use strong, unique passwords for every important account.

A little caution goes a long way. Cybercriminals are constantly improving their tactics, so awareness should keep improving too. If something feels even slightly suspicious, trust your instincts and double-check. A moment of caution can save hours, or even days, of damage control.

Looking to avoid more of these messages? Premium business email can help block phishing attempts and categorise them as spam. Get free access to our Business App and learn how business email can protect your team.

How Excelin Web and ExcelinWeb Portal help you use it

Excelin Web helps turn this guidance into a cleaner website, safer setup, and more organised business workflow. ExcelinWeb Portal keeps the practical side visible, so requests, notes, content, approvals, and next actions do not disappear into scattered messages.

The bigger lesson is that business setup is not just preparation. Every guide should help the owner understand what customers need to trust, what the team needs to repeat, and what information should be saved for the next decision.

  • Use ExcelinWeb Portal to keep this article's next action visible until it is genuinely finished.
  • Attach notes, links, content, images, or decisions where your team can find them.
  • Use Excelin Web for website structure, business email, launch support, SEO, and custom workflow planning.
  • Keep ExcelinWeb Portal, a product of Excelin Web Limited, as the connected place where setup tasks turn into real business workflows.
  • Connect the task to website, bookings, customers, finance, analytics, or team handoff when it affects those areas.
  • Move from this guide into the next practical step while momentum is high.

Helpful resources and references

These links include ExcelinWeb Portal resources, Excelin Web Limited, and useful external references for deeper checking. External sites may update their guidance, so always check the current page and get qualified legal, tax, security, or compliance advice when a decision affects obligations in your location.

Share this article

Send this guide to your team or network.

Help more business owners learn with ExcelinWeb Portal and Excelin Web Limited by sharing this article on the channels your audience already uses.

Next step

Put this into practice inside ExcelinWeb Portal.

ExcelinWeb Portal, a product of Excelin Web Limited, helps you move from learning to action without stitching together another set of tools.

Workspaces &
Collaboration