How to spot a 'Phishing' email and Keep Your Business Safe

11.06.25 10:19 AM Comment(s) By Boitumelo

Watch Out: Think before you click

Phishing attacks have become increasingly deceptive— if you're not careful, it's easy to fall for one. Some prey on our tendency to skim emails, rely on visual cues like familiar logos or jargon, or respond hastily to anything marked as urgent. They’re not always complex— many are simple, but just convincing enough to earn your trust if you’re not paying attention.

Received something like this before?

Or maybe you've received a variation with subjects like:

"Your Zoom account is suspended"
"You missed a Zoom meeting"
"New Zoom message received"

Whatever variation you have (or have not received), these kinds of emails can be so easy to click on if you are not paying attention.

To answer the question,' How do I know if an email is a phishing email or a scam?' Let's have a look at what's wrong with this email that was recently received by one of our team members:

Platform

While this may not apply to all organizations, it's still something to consider. If your organization holds all internal meetings on a different platform (such as Teams). Receiving an email inviting you to a weekly meeting on Zoom might be an immediate red flag. Also, if you notice, it says 'accepted'- be careful not to click the link to find out what exactly you accepted.

Strange sender format

The format (O=EXCHANGELABS/OU=EXCHANGE...), is not how legit Zoom emails are structured.

Zoom emails should come from @zoom.us or @zoom.com- not from an Exchange server's internal address format.

The use of a legit logo to gain trust

When you first click open the email, the first thing that draws your attention is the Zoom logo. It's familiar/recognizable, so if you're skimming through, you may let your guard down and miss all the other red flags.

Suspicious sender email

Always, always, always check the sender email, majority of the time, it's the dead give away that something is fishy...or, you know, phishy.

In this case, the email is not a Zoom domain. It looks like a personal or small org email, which is unusual for a Zoom system-generated message.

Generic language

No meeting title, organizer name, or details. Often, emails like this will also contain urgency without much context.

Real Zoom invites usually include specifics like topic, time, and host name.

File size

This might not always be the case, but it's worth adding to the mix.

Legitimate Zoom or Outlook meeting invites usually include metadata like date, time, location, meeting link, agenda, and possibly attachments or participant info. This often results in a file size larger than 1 KB.

Attackers often use tiny files to avoid detection by email filters and to appear harmless to users.

While .ics calendar invites can be legit, the file size is small (1KB) and may indicate that it is a malicious redirect link or a script meant to exploit vulnerabilities in calendar applications when opened or imported.

Think before you click!

Odd Time

Though this one may not always be the case, coupled with the other clues, it becomes the cherry on top.

Look out for emails coming in after business hours or on the weekends, timezone mismatches or mismatched time stamps.

Other red flags to look out for

The red flags never end, but be on the lookout for poor grammar, punctuation, or formatting.

The takeaway?

Pay Attention. Pay Attention. Pay Attention.

The days of clicking on things without any consequences are long gone (were they ever there?)

The logo might look legit. The meeting title might sound important. But if you don’t slow down to examine the details, you could end up compromising your organization.

Before you click, check:

Who sent it?
What are they asking?
Does this align with how your organization usually communicates?

When in doubt- don’t click. Verify through a different channel.

Want to check if your MS365 Environment is prepared for the just in case?

We recommend getting a penetration test to ensure your organization is well-protected against potential vulnerabilities and attacks. A thorough assessment can uncover weaknesses before cybercriminals do, giving you the opportunity to strengthen your defences and train your team. Don't wait for a breach to take action!

Book a Consultation