Although some emails may not initially appear to be malicious, they may still contain a variety of hidden threats. We have put together a few simple things to check if you are unsure if an email is safe that will help towards avoiding the most common of these threats.



Some things to check when ascertaining the integrity of an email are:

  • The senders address – check if the domain is the same as where you would expect that company to be sending an email from.
    In the email below, it appears to be from the Royal Mail however the domain ‘royalmail-service.org’ is not the same as the address of their main website, which is ‘royalmail.com’.

  • Spelling and Grammar – check if there are many spelling and grammar mistakes within the email. Whilst a genuine email from the company may contain spelling and grammar mistakes, it is unlikely that it will contain many.

    In the email below, there are quite a few grammar mistakes.

    This is particularly obvious in the second to last line, ‘This is automatically generated email, please unsubscribe if you do not want receive email’s from us’.

  • Hyperlinks – check if the link address that appears when you hover over the link is legitimate. Make sure not to click the link when hovering over it before you have seen where it goes to.

    For example, below you can see a screen capture of what can be seen in Outlook when hovering over the 2 links within the below email.

    When hovering over the link ‘View Information’ you would expect it to link to a Royal Mail website, however it links to an entirely different website.

    When hovering over the link ‘Unsubscribe’ you can see that it contains a spelling mistake ‘unsubscrube’.

  • Attachments – always check the extension of an attachment. Make sure the email is not malicious before opening any attachments.

    For example, below is a screen capture of an attachment. You can that it has 2 file extensions ‘.pdf.zip’ and so it is likely that it is malicious.

    This is an example of an email that looks safe, but contains a phishing or infection attempt.




This is an example of an email that looks safe, but contains a phishing or infection attempt.