---
title: "Think Before You Click: Spotting a Phishing Attempt - Blogs on IT Support and Cybersecurity for Small Business"
description: "Give Me the Short Answer - What’s Phishing?Phishing is where you get an email that looks like an actual legit email. The goal that a cybercriminal has is to trick you into giving them a password or access to an account (like to PayPal, Facebook, or y"
url: "https://colemantechnologies.com/blog/think-before-you-click-spotting-a-phishing-attempt"
date: "2026-06-07T05:54:51+00:00"
language: "en-GB"
---

## Blogs on IT Support and Cybersecurity for Small Business

Insights on cybersecurity, AI, and IT strategy to help business leaders reduce risk, improve performance, and make better technology decisions.

 [ Categories ](https://colemantechnologies.com/blog/categories "Categories")

 [ Tags ](https://colemantechnologies.com/blog/tags "Tags")

 [ Categories:  All Categories ](https://colemantechnologies.com/javascript:void(0); "Categories")

 Search...Suggested keywords

 [  x ](https://colemantechnologies.com/javascript:void(0);)

 <a class="eb-image-viewport"></a>

#  Think Before You Click: Spotting a Phishing Attempt

  [Coleman Technologies Blog](https://colemantechnologies.com/blog/categories/blog)   [Security](https://colemantechnologies.com/blog/categories/security)

  [Coleman Technologies Admin](https://colemantechnologies.com/blog/blogger/darren-coleman)

  Monday, 12 August 2019

## Give Me the Short Answer - What’s Phishing?

Phishing is where you get an email that looks like an actual legit email. The goal that a cybercriminal has is to trick you into giving them a password or access to an account (like to PayPal, Facebook, or your bank) or to get you to download malware.

The problem with phishing emails is how real they can seem. A [phishing](https://www.colemantechnologies.com/blog/how-not-to-teach-your-team-about-phishing-courtesy-of-godaddy/ "phishing") attempt for your PayPal information can look just like an everyday email from PayPal.

Even worse, often phishing emails try to sound urgent. They make you feel like you have to take action quickly, or that a bill is overdue, or that your [password](https://www.colemantechnologies.com/blog/hey-you-update-your-google-password-right-now/ "password") has been stolen. This can lower the user’s guard, and force them into a sticky situation.

## How to Spot a Phishing Attack

Like I said, it’s not always going to be obvious when you get phished. Even careful, security-minded, technical people can fall victim because phishing is just as much of a psychological attack as it is a technical one.

Still, there are some practices you and your staff should use:

### Always Use Strong, Unique Passwords

This can solve a lot of problems from the get-go. If your PayPal account gets hacked, and it uses the same password as your email or your bank account, then you may as well assume that your email and bank account are infiltrated too. Never use the same password across multiple sites.

### Check the From Email Address in the Header

You’d expect emails from Facebook to come from This email address is being protected from spambots. You need JavaScript enabled to view it., right? Well, if you get an email about your password or telling you to log into your account and it’s from This email address is being protected from spambots. You need JavaScript enabled to view it., you’ll know something is up.

Cybercriminals will try to make it subtle. [Amazon](https://www.colemantechnologies.com/news-events/darren-coleman-hits-amazon-best-seller-list-with-easy-prey/ "Amazon") emails might come from This email address is being protected from spambots. You need JavaScript enabled to view it. or emails from PayPal might come from This email address is being protected from spambots. You need JavaScript enabled to view it.. It’s going to pay off to be skeptical, especially if the email is trying to get you to go somewhere and sign in, or submit sensitive information.

### Don’t Just Open Attachments

This is nothing new, but most malware found on business networks still comes from email attachments, so it’s still a huge problem. If you didn’t request or expect an email attachment, don’t click on it. Scrutinize the email, or even reach out to the recipient to confirm that it is safe. I know it sounds silly, but being security-minded might build security-mindfulness habits in others too, so you could inadvertently save them from an issue if they follow your lead!

### Look Before You Click

If the email has a link in it, hover your mouse over it to see where it is leading. Don’t click on it right away.

For example, if the email is about your PayPal account, check the domain for any obvious signs of danger. Here are some examples:

- **Paypal.com** - This is safe. That’s PayPal’s domain name.
- **Paypal.com/activatecard** - This is safe. It’s just a subpage on PayPal’s site.
- **Business.paypal.com** - This is safe. A website can put letters and numbers before a dot in their domain name to lead to a specific area of their site. This is called a subdomain.
- **Business.paypal.com/retail** - This is safe. This is a subpage on PayPal’s subdomain.
- **Paypal.com.activecard.net** - Uh oh, this is sketchy. Notice the dot after the .com in PayPal’s domain? That means this domain is actually activecard.net, and it has the subdomain paypal.com. They are trying to trick you.
- **Paypal.com.activecardsecure.net/secure** - This is still sketchy. The domain name is activecardsecure.net, and like the above example, they are trying to trick you because they made a subdomain called paypal.com. They are just driving you to a subpage that they called secure. This is pretty suspicious.
- **Paypal.com/activatecard.tinyurl.com/retail** - This is really tricky! The hacker is using a URL shortening service called TinyURL. Notice how there is a .com later in the URL after PayPal’s domain? That means it’s not PayPal. Tread carefully!

Keep in mind, everyone handles their domains a little differently, but you can use this as a general rule of thumb. Don’t trust dots after the domain that you expect the link to be.

## Training and Testing Go a Long Way!

Want help teaching your staff how to spot phishing emails? Be sure to reach out to the IT security experts at COMPANYNAME. We can help equip your company with solutions to mitigate and decrease phishing attempts, and help educate and test your employees to prepare them for when they are threatened by cybercriminals.

 [  ](https://colemantechnologies.com/javascript:void(0);) [  ](https://colemantechnologies.com/javascript:void(0);) [  ](https://colemantechnologies.com/javascript:void(0);)

Tags:

  [Network Security](https://colemantechnologies.com/blog/tags/network-security)   [Phishing](https://colemantechnologies.com/blog/tags/phishing)   [Spam](https://colemantechnologies.com/blog/tags/spam)

 [×](https://colemantechnologies.com/javascript:void(0);)

Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 Your Name

 E-mail Address

 [  Know Your Tech: Virtual Machine ](https://colemantechnologies.com/blog/know-your-tech-virtual-machine)

 [  Microsoft is Constantly Improving Office 365 ](https://colemantechnologies.com/blog/microsoft-is-constantly-improving-office-365)

 About the author

 [ ![Coleman Technologies Admin](https://colemantechnologies.com/media/com_easyblog/images/avatars/author.png) ](https://colemantechnologies.com/blog/blogger/darren-coleman)

 [Coleman Technologies Admin](https://colemantechnologies.com/blog/blogger/darren-coleman)

  [  ](https://colemantechnologies.com/blog/blogger/darren-coleman)

Author's recent posts

  [More posts from author](https://colemantechnologies.com/blog/blogger/darren-coleman)

 [ Tuesday, 05 May 2026  Darren Coleman Featured in Boss Today on AI Literacy and Human Judgment ](https://colemantechnologies.com/blog/darren-coleman-bosstoday-ai-literacy)

 [ Monday, 06 April 2026  How Cloud IT Services Are Transforming Business Continuity ](https://colemantechnologies.com/blog/how-cloud-it-services-are-transforming-business-continuity)

 [ Monday, 06 April 2026  Darren Coleman Featured in USAWire on Why Businesses Need an AI Strategy ](https://colemantechnologies.com/news-a-events/darren-coleman-usawire-ai-strategy)

## Schema

```json
{
    "@context": "https://schema.org",
    "@type": "BreadcrumbList",
    "itemListElement": [
        {
            "@type": "ListItem",
            "position": 1,
            "name": "Home",
            "item": "https://colemantechnologies.com"
        },
        {
            "@type": "ListItem",
            "position": 2,
            "name": "Blog",
            "item": "https://colemantechnologies.com/blog"
        },
        {
            "@type": "ListItem",
            "position": 3,
            "name": "Coleman Technologies Admin",
            "item": "https://colemantechnologies.com/blog/blogger/darren-coleman"
        },
        {
            "@type": "ListItem",
            "position": 4,
            "name": "Think Before You Click: Spotting a Phishing Attempt",
            "item": "https://colemantechnologies.com/blog/think-before-you-click-spotting-a-phishing-attempt"
        }
    ]
}
```