If you're familiar with common phishing attempts, you'll be less likely to fall for them. University and government cybercrime or information security websites are good sources of information.  For example, the Berkeley Department of Information Security and Policy has an archive of phishing messages available at https://security.berkeley.edu/resources/phishing/phishing-examples-archive. You can also find news and information at https://www.antiphishing.org/, the official website of the Anti-Phishing Working Group. A legitimate email typically will have a specific subject line that gives you a basic understanding of what the email will say. Phishing emails, on the other hand, use vague phrases such as "Urgent Reminder" or "Your Account at Risk" to alarm you.  Phishing email subject lines may also start with the abbreviation "Re:" to make you think the email is a response to an email you've sent. However, if you look at the email thread you can clearly see that there are no other emails. The subject line also may use special characters, emojis, or extra spaces. These don't serve any real purpose other than to draw your attention to the email by making the subject line look different from others in your inbox. Particularly if an email comes from a business, government agency, or other organization, the sender typically proofreads carefully before sending it. Obvious spelling and grammatical errors are a red flag that the email may not be legitimate. Also pay attention to the way language is used. Phishing emails frequently use words incorrectly or include awkward turns of phrase that no one would actually say. Scammers typically try to make the email address a phishing email is sent from look official or legitimate if you just glance at it. However, upon closer inspection, you'll note that something is amiss.  Instead of ending in ".com," as it should, the email address may end differently. They may include "com" in the domain to fool you. For example, you might get a phishing email from "airbnbcom.work" instead of "airbnb.com." It can take a second look to notice that odd extension. The company name may be spelled incorrectly, such as by having transposed letters or a single letter where there should be doubled letters. For example, you might get an email from "welsfargo.com" (attempting to impersonate the bank Well's Fargo). Phishing emails are desperate and insistent that the matter is urgent and you have a limited time to help or to correct a problem. Scammers want to raise a panic in you so that you give them your personal information without thinking. By the time you figure out that you've been scammed, it will be too late.  Variations of this include "last reminder" emails. If you get an email claiming to be your "last reminder" of something and you never received any previous reminders, it's likely a phishing attempt. If the scammer is impersonating a friend or family member rather than a business or government agency, contact that person directly and ask if them about the email. Scammers often use copyright and trademark symbols to make their emails appear more official. However, business communications, such as emails, aren't entitled to copyright protection. A phishing email may include legitimate logos or other branding from the company or organization the scammer is trying to impersonate. They want to make their email look as believable as possible so you'll fall for the scam. Don't expect a scammer to respect intellectual property rights.

Summary:
Read information on the latest phishing attempts. Check if the subject line is vague or oddly formatted. Look for spelling, grammar, and punctuation errors. Examine email addresses carefully. Treat "urgent" requests with suspicion. Recognize improper use of copyright or trademark notices.