How to Spot a Phishing Email

Sample phishing attempts from suspect “PayPal” email account

Casey Botticello
Digital Marketing Lab
7 min read · Jan 4, 2020


Source: Casey Botticello of Stealth Wealth Lifestyle

What is a Phishing Attack?

A phishing attack is a form of social engineering by which cyber criminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business or colleague. The email might ask you to confirm personal account information such as a password or prompt you to open a malicious attachment that infects your computer with a virus or malware.

Phishing emails often tell a story to trick you into clicking on a link or opening an attachment. They may:

  • Say they’ve noticed some suspicious activity or log-in attempts
  • Claim there’s a problem with your account or your payment information
  • Say you must confirm some personal information
  • Include a fake invoice
  • Want you to click on a link to make a payment
  • Say you’re eligible to register for a government refund
  • Offer a coupon for free stuff

What Are Some of the Red Flags That an Email May Be a Phishing Attack? (with Examples)

Below are screenshots of two phishing emails that I recently received from a person/company purporting to be from PayPal (I reported these emails, but maybe someone from PayPal Engineering on Medium can take a look):

Sample Phishing Email #1

Sample Phishing Email #2

Like many people, I do have a PayPal account. So how did I know that this email was a phishing attack and not a legitimate email from PayPal?

Red Flag #1 — The email asks you to confirm personal information.


