Everyone is familiar with the spam emails, especially those that were clearly run through an online translator and sound suspicious. But many of us have also encountered the more sophisticated spam emails. The ones that make us pause and think could this be real? Those emails generally have just enough detail to seem credible at first glance, but upon further inspection, there is always something that gives them away. Here are five red flags to watch for in a spam email. 

keyboard with red spam alert button - spam email alerts


Spammers want you to act quickly so that you overlook the flaws. This is why so many spam emails imply a sense of urgency.

If you open an email that insists you take action immediately or within a few hours, or you’ll face fines, fees, or some other threat, it is almost always spam, especially if that email is demanding money or personal details. Legitimate institutions and companies will not send you emails of this nature. Any time you read an email that wants you to act fast, pause and take some time to evaluate the message critically. 

Sweet Promises

If the email sender offers you a reward that sounds too good to be true, it probably is. And if you didn’t enter a particular contest, there’s no logical way that you could be the winner. Emails that promise you will receive money or free items after you share your credit card information or other identifying information are always spam. 

Method of Contact

When determining whether or not an email is authentic, it can help to analyze who the email is supposedly from and whether or not they would send such an email. Neither the government nor your bank will ask you for personal details over email.

You may receive email notifications that important documents are ready for viewing, but you need to log in to your secure account to view the messages. Furthermore, the government will never ask you for immediate payment over the phone or through email. If you read an email like this, it is a big red flag. 

Public Email Addresses

It’s good practice always to verify the sender of an email. Is it the corporation emailing you, or is it an imposter? Is it your boss sending you a request, or is it a copycat address? Corporations, organizations, and governments have their own domain emails. If the sender uses a public email such as @gmail.com, @me.com, or @yahoo.com, etc., it is likely a scam.

We recommend paying close attention to look alike address, such as @grnail instead of @gmail. Cybersecurity firms have run tests on corporations to see if employees would notice such a trick, and most employees fall for it. If an email address doesn’t look right, don’t be afraid to ask. Call them up and ask or go knock on their office door and confirm they really did send it. You’ll feel better knowing you took the extra step to verify the email than send a spammer your personal information. 

Bad Writing 

Bad writing continues to be a big red flag for a spam email. Sure, we all make errors, especially when typing on our phones, but be wary if the grammar or word choices seem very strange. Most professional corporations will use grammar and spell-checking on their emails. We can overlook one mistake, but several should be a red flag in one email. If it really is a trusted source such as a friend, colleague, or co-worker, let them know they need to proofread their emails before sending them. 

Educate Your Team to Avoid Spam

You can help your team avoid falling prey to spam by fostering a community of cyberculture in your workplace. Encourage employees to report suspicious emails or phone calls, especially if they clicked a suspicious link or responded to a suspicious message. Offer routine training opportunities to keep everyone up-to-date on security risks and encourage company-wide support of cybersecurity policies. Consistency and awareness can help keep your business more secure. 

Cybersecurity Management in Edmonton, Alberta

Alt-Tech Inc. manages cyber security for Alberta businesses and helps foster a culture of cybersecurity. Contact us about completing a risk assessment of your business to find out where your cybersecurity plan can improve.