Every day, nearly 3.4 billion phishing check if email is legit  are sent. These messages have the primary purpose of stealing user information or taking over company systems and networks. The attackers use a variety of tactics to make these emails look as real as possible so that recipients will click on the links and download files. These attachments may contain malware in the form of spreadsheets, pricing sheets, invoice documents, photos, and even company contact directory entries. Legitimate companies do not send unsolicited email attachments. If you receive an attachment in an email, reach out directly to the company using a number listed on their website or contact directory to verify whether they did send the file to you.

How to Check If an Email is Legit: A Step-by-Step Guide

Another way to check if an email is legit is to hover over the link and inspect it. Often attackers employ slight-of-hand techniques like switching out or adding characters to trick you into thinking you’re reading an address correctly. For example, an attacker could replace an “l” with a “rn,” or switch out the.com with a.co. This is a clear sign that the email is a scam.

The best way to test an email is to create a fake account with a free provider. Use that account to send a message to the fake email address and see what happens. If the email bounces (some servers take a few minutes, some take up to one day) it is likely a fake email address. This method can be time consuming but it is accurate and effective.