Cofense Email Security

Phishing Prevention: 8 Email Security Best Practices

To advance phishing prevention, most security professionals concur that anti-phishing best practices for organizations must include regular and effective workforce training to identify phishing emails that evade detection by common technology controls. It is also important to have a mitigation strategy in place for phishing prevention, and to limit the consequences of a phishing email that avoids identification and is acted on.

Phishing emails – particularly social engineered phishing emails – are often highly sophisticated, and are designed to evade detection during an email filter´s front-end tests by having the right Sender Policy Frameworks and SMTP controls. They are rarely sent from blacklisted IP addresses, and therefore pass RBL checks before being delivered to the recipient´s inbox.

When a phishing email evades detection by all the technological solutions available and arrives in a target´s inbox, the only thing that will now stop the phishing attack from being successful is the vigilance of the intended target. In order to ensure employees remain vigilant, anti-phishing best practices for organizations should include sharing the following information. 

8 Email Security Best Practices for Phishing Prevention

Phishing prevention requires constant vigilance; these characteristics commonly found in phishing emails will help your teams stay safe.

1. Emails Insisting on Urgent Action

Emails insisting on urgent action do so to fluster or distract the target. Usually this type of email threatens a negative consequence if the action is not taken, and targets are so keen to avoid the negative consequences that they fail to study the email for inconsistencies or indications it may be bogus.

2. Emails Containing Spelling Mistakes

Most companies now use spell-checking features in email clients or web browsers to ensure their corporate communications maintain a professional appearance. Emails purporting to come from a professional source that contains spelling mistakes or grammatical errors should be treated with suspicion.

3. Emails with an Unfamiliar Greeting

Emails sent by friends and work colleagues usually start with an informal salutation. Those addressed to “Dear XXXXX” when that greeting is not normally used, and those containing language not often used by friends and work colleagues, likely originate from an attacker and should not be actioned or replied to. Instead they should be reported to the organization’s IT security team as an important phishing prevention precaution.

4. Inconsistencies in Email Addresses

Among other email security best practices to introduce is the random checking of senders’ email addresses – especially when an email address belonging to a regular contact is unfamiliar. By checking the sender email address against previous emails received from the same person, it is possible to detect inconsistencies.

5. Inconsistencies in Links and Domain Names

Links to malicious websites can easily be disguised as genuine links. Therefore, it is also advisable to encourage employees to hover a mouse pointer over a link in an email to see what `pops up´ as an address. If an email claims to be from (say) a business contact, but the pop up indicates an unfamiliar website, the email is likely a phishing email.

6. Be Wary of Suspicious Attachments

File sharing in the workplace now mostly takes place via collaboration tools such as Dropbox, OneDrive or SharePoint. Therefore emails from colleagues with file attachments should be treated suspiciously – particularly if the attached file has an unfamiliar extension or one commonly used to deliver malware payloads (.zip, .exe, .scr, etc.).

7. Emails That Seem Too Good to Be True

Emails that seem too good to be true incentivize targets to click a link or open an attachment with the promise that they will benefit by doing so. Even when phishers use social engineering to appeal to the target ́s curiosity or greed, the intended targets have  not usually initiated contact. These emails should be flagged as suspicious at once.

8. Emails Requesting Login Credentials, Payment Information or Other Sensitive Information

Emails requesting login credentials, payment information or other sensitive information should always be treated with caution. By adopting the anti-phishing best practices detailed above, recipients of these emails should be able to determine whether or not they represent a threat, and deal with them accordingly.

Phishing Prevention Conclusion

Phishing prevention requires constant vigilance. Educate your teams and enlist them in the fight against phish to measurably boost your company’s cybersecurity posture. 

Cofense can help. Contact us today.

Frequently Asked Questions

Phishing prevention is the practice of safeguarding digital information assets from malicious actors by ensuring that individuals and organizations are aware of the dangers posed by phishing threats.

Phishing refers to fraudulent attempts by cyber criminals to gain access to sensitive data, such as passwords and financial information, through emails or online messages.

This type of malicious activity can cause serious harm, including identity theft, monetary losses, reputational damage or even loss of life in extreme cases.


Threat actors are notoriously effective at defeating even the toughest security countermeasures to get malicious email into inboxes. It’s wise to be prepared, and always on guard, when encountering a message of any kind from an unfamiliar sender.

In order to better protect yourself against these types of attacks there are several steps you can take:

  1. Be wary when receiving emails from sources you don’t recognize
  2. Ensure that all computer systems have up-to-date
  3. Use strong passwords for all online accounts
  4. Regularly review bank account statements for any suspicious activity
  5. Avoid public WiFi networks (if accessing sensitive data)
  6.  Use a virtual private network (VPN)
  7. Educate employees/members about cybersecurity practices

Without best-in-class tools, you may not be able to keep phish out of your inbox 100 percent of the time but you can protect yourself against many of phishing’s most dangerous intended outcomes.

In general, make sure that the sender is who they say they are. Be on the look out for inconsistencies in email addresses, links and domain names. Also, if an email seeks login credentials, payment information or other sensitive identifying specifics (social security number and date of birth for example), find another way to validate the purpose of the message. Don’t click on an email link; open your browser and log into the account in question.

Many organizations offer free resources for improving email security and defending against phish. The National Cyber Security Alliance offers tip sheets, videos and more on the topic. Cofense provides extensive resources designed to educate general audiences on phishing tactics, trends and prevention. Videos, articles, infographics, webinar replays and other types of media are available for free and on demand.

Interested in learning more about phishing detection and response?

Explore our Resource Center for our latest content

Explore our database of phish found in environments protected by SEGs, updated weekly

Download our latest Phishing Review to learn about threat landscape trends.


We use our own and third-party cookies to enhance your experience. Read more about our cookie policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.