6 Tell-Tale Signs of a Phishing Scam

10 Riskiest Employee Habits
July 6, 2019
[Attention] Canadian server to be replaced
July 26, 2019
Show all

6 Tell-Tale Signs of a Phishing Scam

Scam messages have common characteristics which we can use to weed them out. Sometimes it can be hard when the messages they give are so convincing. You find yourself thinking “Is this message safe to ignore? Or is there no harm to respond?”

Hopefully by the end of this article, you will know how to spot a scam message from a legitimate one, and know how to avoid a phishing scam well before you get suckered in (which we hope not!)


Here is the scenario:

You have just received a message. It could be a text message, it could be on social media, in the form of a call, or from an email.


Before you respond to the message, you must first assess whether it is safe to do so. To help you make that decision, you should firstly quickly check for the presence of any of the 6 tell-tale signs of a phishing scam.

From here, you should then look at each of the checks that you should make when assessing the safety and legitimacy of an incoming message.



Did the message arrive unexpectedly? Phishing scams often come to you out of the blue. They often do not have any context and are not part of a conversation.


If you get a message that you were not expecting, then you should be immediately suspicious. A message that comes to you of the blue is the first tell-tale sign of a phishing scam.

If this happens, ring the alarms! Start looking for any additional tell-tale signs of a scam.



Does the message include a request? The next thing you should do is to look for the presence of a request in the message or asking you to do something?

Phishing scams only work if they are getting you to do something. If you do not do anything, then you would not get scammed. That is why the scammer’s message will include some kind of request, demand, or suggestion. The scammer’s goal is to trick you into performing an action.


These actions often include actions like:

  • Getting you to click on a suggestive link or button (Eg. “Claim your free RM100 gift card by clicking on this link!”);
  • Filling out a form to reveal personal or financial details;
  • Logging into your account with fake warnings (Eg. “We have noticed suspicious activity on your account. Please log in to verify your details”;
  • Sharing a PIN or some other important personal data by pretending to be a credible company you know (Eg. “Hello, this is Keith from the bank. For verification purposes, can you please confirm the PIN number on your account?”);
  • Reviewing an attachment in an email with an urgent message (Eg. “For your urgent attention, we are resending your invoice. Please note that this is now 60 days overdue. Kindly settle your account immediately,”);
  • Downloading a file from what seems like a friend (Eg. “Your friend Bryan has just used Dropbox to share some files with you! Click here to download them now,”);

When assessing the message, it is best to check to see if you are being asked to do something. Dialling, clicking, typing, texting, chatting, reviewing, and the list goes on.

If you are being required to perform any type of action, alarm bells should be ringing and you are looking at the second tell-tale sign of a scam.



Does the message look right? Quite often, you will receive a message that does not quite look like the real deal.

Initially you might not be able to determine why, but you definitely have a raised suspicion. It just looks fishy.


So in this scam check, you should be asking the following questions:

  • Is the message out of the ordinary?
  • Would the person who contacted you normally make this form of requests?
  • Does the message look professional?
  • Is it addressed to you personally by name? Or with a generic “Dear Customer/User”?
  • Are there spelling mistakes?
  • Does the logo look suspicious?
  • Is the request in line with expectations, safe and reasonable?
  • Is it believable, or too good to be true?

If you have any doubts about the authenticity of the message, then you have found the third tell-tale sign of a scam.



Does the message have consequences if you do not act quickly?

We have all seen the TV or online ads that tell us we need to hurry up because the ‘deals won’t last’. The implication is that if we do not hurry, then we are going to miss out on a great deal.


Scammers use the same approach, creating a sense of urgency around a positive or negative outcome. Some of the time, you are promised ‘freebies’. Other times, you may need to ‘act quickly’ to avoid negative consequences, like getting a fine or having your account suspended.

Scammers are going to use all manners of aggressive or compelling language to get you to act.



How does the message make you feel? Scammers will target your emotions in order to trick you into doing what they you to do. Using threats such as “Your account has been closed,” is a ploy to use your fear into tricking you into doing something that you should not.

Another trick is by creating a sense of doubt with threats such as “Your bill is still outstanding”, which prompts you think just maybe you ought to check on it.

Using sentimental messages are another way scammers attempt to tug at your heartstrings to con you (Eg. “Three-year old girl suffers rare disease and her parents cannot afford the treatment. Please donate to save her life,”)

It is human nature to be curious, and using an intriguing message can sometimes prompt you into action. (“You won’t believe the photos of these naked celebs which just got leaked!”)

If the message is playing with emotions such as fear, doubt, curiosity, greed, excitement, guilt, sympathy or desire, then you have found your fifth tell-tale sign of a scam.




Is the message displaying any of the tell-tale enablers of a scam?

This includes:

  • A link or button that needs to be clicked;
  • An attachment that needs to be opened;
  • A form that needs to be filled;
  • A number that needs to be called;
  • An email that needs to be sent;
  • Or any personal or financial data that needs to be shared.

Once again, for a phishing scammer to scam you, they need to successfully get you to DO SOMETHING. If the message includes a request that is directing you to a link, attachment, form or other means of interaction, then you have found the last tell-tale sign of a scam.


Remember, if it smells and looks like a rat, then it most likely is a rat! Keep in mind that no credible or trusted organisation is going to ask you to do anything that is going to compromise your safety.



More like this

How To Prevent Ransomware Attacks

5 VPN Scams To Avoid That People Fall For

3 Ways To Test Links Before Clicking On Them

Leave a Reply

Your email address will not be published. Required fields are marked *