What is phishing mail

Checklist: How do I recognize a phishing email?

The following points can indicate a phishing email:

  • You are asked for confidential data such as passwords, PINs, TANs and other access data, together with your own account details.
  • The emails are often written in HTML. You can recognize this by the fact that the text of the email is formatted with different fonts and font sizes, images (e.g. logos) are used and/or the background has a different color.
  • The link looks genuine at first glance, but on a second look, unusual or misspelled parts of the URL reveal that it is a wrong Internet address.
  • The other menu items displayed on the website to which you are directed do not work or generate error messages.
  • There are grammatical and spelling errors in the email as well as on the website.
  • References to changes to accounting systems or to software updates at online retailers such as Amazon or eBay, or at banks, are a clear phishing warning signal.
  • Often the email also comes from a “strange” sender address, or a copy (CC) is sent to numerous other recipients.
  • The email is not written in the bank's usual language.
  • The email uses a non-personalized salutation such as “Dear Sir or Madam”.
  • A notice in the email that the data must be entered within a short period of time is a clear warning signal.
  • If documents or other files are attached to the suspicious email, extreme caution is required. You should not open them, as they may also contain malware that reads the passwords stored on the computer.
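
Several of the checklist items can be checked mechanically on the raw message: HTML formatting, a link whose visible text looks like an address but whose target is a different host (`link_host_mismatch`), requests for access data, a generic salutation, a deadline, and a long CC list. The following Python example is added here and is not part of the original page. The sample message, the English wording patterns, the CC threshold of 5 and the names `phishing_indicators`, `LinkCollector` and `host` are assumptions.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not the email from the page); PATTERNS are assumed wordings.
SAMPLE = """\
Cc: a@example.org, b@example.org, c@example.org, d@example.org, e@example.org, f@example.org
Content-Type: text/html; charset="utf-8"

<p>Dear Sir or Madam,</p><p>Confirm your PIN and TAN within 24 hours.</p>
<a href="http://www.bank.example.account-check.invalid/update">https://www.bank.example</a>
"""
PATTERNS = {"asks_for_credentials": r"\b(password|pin|tan)s?\b",
            "generic_salutation": r"dear sir or madam", "deadline": r"within \d+ (hours?|days?)"}

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self.text, self.in_a = [], [], False  # [href, label] pairs, body text
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.in_a = True
            self.links.append([dict(attrs).get("href") or "", ""])
    def handle_endtag(self, tag):
        self.in_a = self.in_a and tag != "a"
    def handle_data(self, data):
        self.text.append(data)
        if self.in_a:
            self.links[-1][1] += data

def host(url):
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw, cc_limit=5):
    """Return the checklist indicators found in a raw message; cc_limit is an assumed threshold."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html", "plain"))
    text, parser = (body.get_content() if body is not None else ""), LinkCollector()
    flags = {"html_formatted": body is not None and body.get_content_type() == "text/html",
             "many_cc_recipients": msg["Cc"] is not None and len(msg["Cc"].addresses) > cc_limit}
    if flags["html_formatted"]:
        parser.feed(text)
        parser.close()
        text = " ".join(parser.text)
    flags["link_host_mismatch"] = any(re.match(r"https?://|www\.", t.strip(), re.I)
                                      and host(t.strip()) != host(h) for h, t in parser.links)
    flags.update((n, bool(re.search(rx, text.lower()))) for n, rx in PATTERNS.items())
    return {name for name, hit in flags.items() if hit}
```

Calling `phishing_indicators(SAMPLE)` returns the set of indicator names that matched; each hit is a reason for closer inspection, and an empty set does not prove that a message is legitimate.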

Sample screenshot of a phishing email that claims to come from Deutsche Bank.
Source: Author's email on July 25, 2011