How to Identify a Dangerous/Malicious Email

Between Trojans, spyware, and ransomware, your data and your operations can be severely and irreparably affected by just one successful cyberattack.

How can you lessen your chances of falling victim to these different kinds of malicious software? There is, of course, a technical piece here: having updated anti-virus, robust firewalls, and other solutions that we touch on more deeply in this article.

But as we indicated in that same piece, employee education is the real key; even if you have the right technical solutions in place, none is foolproof, and none will protect you in the face of human intervention.

A critical element of this education is teaching your staff how to identify a dangerous or malicious email before they react in a way that could impact your network. And after two decades in the IT support industry, you can imagine that we’ve seen our fair share of both close calls and full-blown, large-scale infections.

Below we’ve taken our experiences to compile a list of the most telling red flags when it comes to malicious emails, along with the steps you can take to keep yourself safe.

Most common red flags that signify a dangerous/malicious email

Here are four common red flags that you and your employees should be on the lookout for in your Inboxes:

  • The email doesn’t address you by name. This is more important than you may think. If the email begins with a simple “Hi,” a vague “Sir/Madame,” or your email address, there’s a large possibility that the email is spam. These sort of impersonal greetings will often be a warning that you need to keep your eyes keenly peeled for one (or more) of the following malicious attempts.
  • Attachments are executable files. Generally, attachments you receive will be documents or graphics with the corresponding “.doc,” “.pdf,” “.jpg,” or “.png” extensions. Very, very seldom will it be appropriate for you to receive attachments that are “executable files,” or files that will actively run a program on your machine. These files end in extensions like “.exe,” “.com,” “.bat,” or “.scr” (or, more cleverly, a double extension like “.doc.exe”). Oftentimes these sorts of attachments will end up running a malicious program on your machine, so be sure to contact the sender (preferably by phone) prior to opening to verify that the file is legitimate.
  • Hyperlinks are masked. Sending a web link in an email seems common and innocuous enough, right? As long as the link takes you where it claims to. Links to websites can easily be masked or hidden, meaning that a seemingly harmless URL could really be pointing you to a different site that is riddled with malware. To make sure that any links are safe, there are two easy ways to check their veracity: 1) hover your mouse over the link and check the URL that appears in the bottom left-hand corner of your screen; 2) right-click on the link and check its “Properties.” In either case, the URL on your screen or in the link properties should match the URL in the email. If there is hyperlinked text rather than a URL, make sure that the web address has only one domain ( as opposed to
  • The email contains requests for personal information. Always always always be suspicious of messages that make requests for any sort of sensitive or personal information, even if it appears to come from someone you know. Whether it is your bank requesting information (or else you’re subject to a ridiculous fee!), your email provider requesting credentials (or else they’ll delete your account!), your CEO requesting immediate funds (or else she’ll miss her flight!), or a law enforcement official demanding your address and SSN (or else you’re obstructing an investigation!), verify the request before you do anything. Hackers have the ability to “spoof” emails (mask their email address with another), so that they appear to come from a trusted sender; in many cases, hitting “Reply” will reveal an unknown Gmail or Yahoo! account. Call the supposed sender to make sure the message came from them, and—just to be extra careful—begin a new email chain if and when you do respond to a legitimate request.

The 5 most important ways to keep yourself safe from malicious emails

When it comes to keeping yourself safe from malicious emails, here are five main principles to live by:

  • Only open attachments you explicitly requested.
  • If you absolutely must send private information, start a fresh email chain, and use an encrypted email service where possible.
  • Verify all web links before clicking on them.
  • Be wary of any email that uses threats or intimidation to try to coerce you, even if the sender appears to be someone you know.
  • Investigate any and all emails that do not address you by name, especially those that supposedly come from a known sender.

As unfortunate as it may be, it is critical that we all remain suspicious of the messages we receive; hackers and cybercriminals are a toxic combination of relentless and creative, so we must remain guarded at all times.

With these red flags and tips, though, we hope that you and your staff will feel more confident as they vet their Inbox for legitimate and potentially threatening messages.

After all, knowledge is…well, you know how it goes.

More Insights