← All resources
Guide

Is this email a scam? A 60-second check

Got an email that feels off? You don’t need to be a security expert to judge it. Run these five quick checks — most take seconds — and you’ll catch the large majority of scams.

Guide · 5 min read · By SafeToOpen Research · June 2026

Suspicious emails arrive constantly — around 3.4 billion phishing emails are sent every day worldwide. [1] You can’t investigate each one for ten minutes, so here’s a check you can actually run in under a minute, every time.

The 60-second check

1. Who really sent it? (10 seconds)

Tap the sender to reveal the full address — not just the display name. Is it a public domain (@gmail.com) pretending to be a company? Is the domain subtly misspelled (paypa1.com)? Does it differ from how that company usually emails you?

2. Is it rushing you? (5 seconds)

Scams manufacture urgency: “act now,” “account will be closed,” “payment failed.” Genuine organisations rarely threaten you into immediate action. Pressure is a red flag in itself.

3. Where do the links really go? (15 seconds)

Hover (or press and hold on mobile) to preview a link’s true destination. Mismatch between the text and the actual domain? Don’t click. Vague “click here” buttons hiding the URL? Be suspicious.

4. Is there an unexpected attachment or QR code? (10 seconds)

Unexpected invoices, ZIPs, HTML files or QR codes are classic payloads. If you weren’t expecting it, don’t open or scan it.

5. What is it asking for? (10 seconds)

No legitimate company asks you to confirm a password, full card number, or a one-time code by email. Any such request is a scam until proven otherwise.

3.4 billion
Phishing emails sent worldwide every day. A fast, repeatable check is the only realistic defence. [1]

If it passes but still feels wrong

Trust that instinct. Don’t use any link or phone number in the email — go to the company independently through their app or by typing their address. Call them on a number you find yourself, not one the message gives you. This single habit defeats most impersonation, including business email compromise.

The honest limitation

A 60-second check catches a lot, but the best scams are designed to pass it — clean grammar (often AI-written), a real-looking sender, a brand-new link with no bad reputation yet. You shouldn’t have to be the last line of defence on every message.

The one-click way to be sure

When an email matters and you’re not certain, verify it instead of guessing. SafeToOpen Email Security analyses the message — headers (SPF, DKIM, DMARC), links, QR codes, attachments, sender reputation and domain age — and shows a clear verdict right in Outlook or Gmail. It even catches brand-new phishing links that no blocklist has seen yet.

Turn “I think it’s fine” into “I know”

SafeToOpen Email Security gives every suspicious message a clear trust score, in one click, inside your inbox.

How Email Security works →

The takeaway

Five checks — sender, urgency, links, attachments, and what it asks for — will screen out most scams in under a minute. When something still feels off, reach the company independently, and verify the message in one click rather than trusting a guess.

See it for yourself

SafeToOpen verifies suspicious email in Outlook and Gmail in one click — free to start.

See plans →

Sources

  1. Phishing email volume (~3.4 billion/day), industry aggregate cited in Zensec. zensec.co.uk

External statistics are attributed to their original publishers and were accurate at the time of writing. Figures from industry reports vary by methodology and period; we link to primary sources so you can verify them.

Keep reading

EmailHow to spot a phishing emailGuideI clicked a phishing link — what nowBusinessBusiness email compromise, explained