Spot the Phish: Can You Tell Real from Fake?
A suspicious email lands in your inbox claiming your account has been compromised. Learn to recognize the red flags that separate phishing from legitimate messages.
The scenario
It's Monday morning. You open your email and see an urgent message:
From: security-alerts@micros0ft-support.com
Subject: ⚠️ URGENT: Your account has been compromised
Dear Valued User,
We have detected unauthorized access to your Microsoft 365 account from an unrecognized device in Lagos, Nigeria at 3:47 AM.
To secure your account immediately, please verify your identity by clicking the link below within 24 hours, or your account will be permanently suspended.
Microsoft Security Team
© 2026 Microsoft Corporation
Before you click anything, look carefully at this email. There are at least 5 warning signs that this is a phishing attempt. Let's break them down in the lesson below.
Your colleague Sarah received the same email and clicked the link. Within hours, the attacker had access to her email, sent fake invoices to three clients, and downloaded confidential project files. The breach cost the company over $45,000 in damages and lost client trust.
What to learn
🎯 The 5 Red Flags of Phishing Emails
| Red Flag | What to Look For |
|---|---|
| 1. Spoofed Sender | The domain is micros0ft-support.com (zero instead of "o"). Real Microsoft emails come from @microsoft.com. |
| 2. Urgency & Threats | "24 hours or your account will be permanently suspended" — attackers create panic so you act without thinking. |
| 3. Generic Greeting | "Dear Valued User" instead of your actual name. Legitimate services know who you are. |
| 4. Suspicious Link | Hover over any link before clicking — the URL will point to a fake domain, not microsoft.com. |
| 5. Emotional Manipulation | Fear of losing access drives hasty decisions. Real companies give you time and multiple ways to verify. |
1. Don't click any links or download attachments.
2. Verify independently — go directly to the service's website by typing the URL yourself.
3. Report it — forward the email to your IT/security team.
4. Delete it from your inbox.
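The first three red flags in the table (spoofed sender, urgency, generic greeting) can also be checked mechanically, for example in a mail filter or a reporting tool. The following is an added example, not part of the original lesson; the trusted-domain list, the digit-for-letter map and the phrase patterns are assumptions chosen for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed for illustration: allow-list, digit-for-letter map, phrase patterns.
TRUSTED_DOMAINS = {"microsoft.com"}
DIGIT_SWAPS = str.maketrans("01345", "oleas")  # 0->o, 1->l, 3->e, 4->a, 5->s
URGENCY = re.compile(r"\burgent\b|\bimmediately\b|within \d+ hours|permanently suspended", re.I)
GENERIC_GREETING = re.compile(r"^dear (valued )?(user|customer|member)\b", re.I | re.M)

def sender_flag(from_header):
    """Return a reason if the From domain imitates a trusted domain, else None."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    for trusted in TRUSTED_DOMAINS:
        if domain == trusted or domain.endswith("." + trusted):
            return None  # exact domain or a genuine subdomain
    unswapped = domain.translate(DIGIT_SWAPS)  # undo 0-for-o style substitutions
    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        if brand in unswapped:
            return f"sender domain '{domain}' imitates {trusted}"
    return None

def red_flags(raw_email):
    """List the red flags (sender, urgency, greeting) found in a raw message."""
    msg = message_from_string(raw_email)
    body = msg.get_payload()
    flags = []
    spoof = sender_flag(msg.get("From", ""))
    if spoof:
        flags.append(spoof)
    if URGENCY.search(f"{msg.get('Subject', '')}\n{body}"):
        flags.append("urgency or threat language")
    if GENERIC_GREETING.search(body):
        flags.append("generic greeting")
    return flags

# The lesson's email, retyped as a raw message (headers, blank line, body).
SAMPLE = """\
From: security-alerts@micros0ft-support.com
Subject: URGENT: Your account has been compromised

Dear Valued User,
To secure your account immediately, please verify your identity by clicking
the link below within 24 hours, or your account will be permanently suspended.
"""

if __name__ == "__main__":
    for flag in red_flags(SAMPLE):
        print("RED FLAG:", flag)
```

A clean result from the sender check only means the visible From domain is not a lookalike; the From header itself can be forged, so the SPF, DKIM and DMARC results recorded by the receiving mail server still need to be checked separately.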
Phishing is the #1 cause of data breaches. Over 90% of cyberattacks start with a phishing email. Your vigilance is the strongest firewall.