If you know what to look for, phishing emails are easy to spot. Even though phishing scams are always evolving, knowing just the basics can help you with identifying potentially malicious emails.

Scammers use common forms of communication to maximize the reach of their scams — and so far, they’ve been successful. People lost $30 million to phishing schemes in 2017, according to the FBI’s Internet Crime Complaint Center.

Hackers use phishing attacks to gain access to online accounts by acquiring login credentials. While there are many phishing techniques, email is the most popular one.

How to protect yourself from phishing emails

Phishing attacks are quite common. Sixty-four percent of organizations experience a phishing attack, according to a 2018 study published by Check Point Research. You’re bound to come across a phishing email from time to time.

The key to protecting yourself from these scams is to remain vigilant when reading your emails. If you pay close attention to the emails you receive by looking for the signs of phishing, you’ll typically decrease the likelihood of being scammed. You need to know what to look for in your emails.

How to recognize phishing attacks

Scammers do a decent job of deceiving their targets with phishing scams. While recognizing phishing attempts is becoming harder, mainly due to scammers frequently updating their tactics, even the average consumer can identify when they’re being scammed.

If an email seems off to you, take a closer look at it. Where did the email come from? Is it from a public domain? For example, does the sender have a Gmail address? If so, the email about your Netflix account isn’t from anybody at Netflix. More than likely, it’s from a hacker attempting to gain access to your Netflix account.

Even if the domain looks legitimate, check it again if something in the email you’re reviewing seems off. Scammers frequently use a misspelled domain in the hope of catching targets off guard.

The copy in a phishing email is typically poorly written. Are there misspellings? Is the greeting generic? For example, does the sender address you only as a customer or a member? Look closely for poor grammar or punctuation in the copy. Both are typically dead giveaways of a phishing email.

A phishing email usually also invites its target to click on a link. For example, if the copy in the email is about updating the billing details for your Netflix subscription, there will often also be a link titled “Update Your Billing Details Now.” If you don’t want to be scammed, don’t click it! If you do click it, you may unintentionally download malware or be directed to a fraudulent site requesting you enter your account details.

Phishing attacks are going to get worse before they get better. To protect your company from hackers, educate yourself and your team members on what phishing attacks are and how to recognize phishing emails. The more knowledgeable you and your employees are on how hackers attempt to gain access to accounts, the more secure your networks and systems will be.