Learn

Before you respond

Is this email a scam?

Learn the signs to slow down for in emails with fake invites, password prompts, attachments, account warnings, and sign-in links.

Reviewed June 10, 2026

Quick answer

An email may be a scam if it asks you to click a link, open an attachment, sign in, pay, or share information after an unexpected warning or fake invite.

Do not use the email link. Open the official app or type the official website yourself before taking action.

At a glance

Email phishing scams use fake invoices, invitations, warnings, attachments, or sign-in pages to steal passwords, codes, money, or data.

  • The sender address, link, or website does not match the real organization.
  • The email asks for passwords, passcodes, two-factor codes, card numbers, identity information, or remote access.
  • It includes an unexpected attachment, invoice, security alert, refund, delivery problem, or invitation from a platform you recognize.

Do not click links or open attachments until you verify.

Email phishing signs to compare

Start by checking what the email wants you to do, then verify outside the email.

Email detail

Sender and link

Safer check

The domain matches the official organization

Warning sign

The address or link has extra words, misspellings, or a strange domain

Email detail

Attachment or invite

Safer check

You expected the file and can confirm with the sender

Warning sign

You must sign in or enter a passcode to view something unexpected

Email detail

Account warning

Safer check

You can review activity in the official app

Warning sign

The message says to use its link or phone number immediately

A professional logo or layout does not prove the email is real.

How phishing emails push people to sign in

Phishing emails often copy familiar brands, coworkers, banks, shipping companies, event platforms, or cloud tools. The email may ask you to open an attachment, pay an invoice, accept an invitation, or sign in to fix an account problem. The page can collect passwords, passcodes, payment details, or two-factor codes.

Check the sender, link destination, and request before you click. It is safer to open the official app or type the website yourself. If the email is about a boss payment or invoice change, compare it with business email compromise. If it asks for a code or password, treat it like an account takeover risk.

What it may look like

"You are invited. Enter your email password or passcode to open the event details and RSVP."

Signs to slow down

  • The sender address, link, or website does not match the real organization.
  • The email asks for passwords, passcodes, two-factor codes, card numbers, identity information, or remote access.
  • It includes an unexpected attachment, invoice, security alert, refund, delivery problem, or invitation from a platform you recognize.
  • It creates urgency so you click before checking.
  • It says a host or contact invited you, but you must enter login details to see the event, creating an account takeover risk.

What to do next

  • Do not click links or open attachments until you verify.
  • Go to the official app or website yourself.
  • For a fake invite, contact the host through a separate channel before entering any email login or passcode.
  • Check the sender address and link destination carefully.
  • Use two-factor authentication and change your password quickly if you entered credentials.
  • Forward phishing emails to reportphishing@apwg.org and phishing texts to 7726, then report to the FTC when appropriate.

How to report it

  • Forward phishing emails to reportphishing@apwg.org when appropriate.
  • Report phishing texts to 7726 and fraud attempts to ReportFraud.ftc.gov.
  • Change affected passwords and enable two-factor authentication if you entered credentials or passcodes.

How Olevo can help

Olevo can give you a calm second opinion before you respond.

Paste the email text for a Private Check, or upload a screenshot if the sender, link, or layout is easier to show; screenshots use Detailed Review.

Trusted sources

Common questions

Can a phishing email look professional?

Yes. A polished logo or layout does not prove an email is real. Check through the official account instead.

What should I do if I clicked a link?

Do not enter more information. If you shared a password, passcode, or payment details, change the password and contact the affected company or bank.

Is an attachment safer than a link?

No. Unexpected attachments can be risky too, especially invoices, forms, security notices, or files from unknown senders.

What should I do if I entered my password on a phishing page?

Change the password immediately from the real website or app, turn on two-factor authentication, and review account activity for changes you did not make.

Related pages