What We Flag, and Why
Last updated: July 2025
Phish Finder highlights patterns commonly used in phishing and scam messages—especially those targeting job seekers, remote workers, or everyday users. These red flags aren’t proof of phishing—they’re signals that something deserves a second look.
🚩 What Might Trigger a Flag
- Free email domains like Gmail, ProtonMail, or Outlook.com
Scammers use free accounts because they’re easy to create and hard to trace. Real recruiters almost always use company-branded addresses.
- Links to public meeting tools like Zoom, Google Meet, or Teams Live
Often used in fake interviews—especially when paired with free email accounts.
- Urgent language
“Act now!”, “Your account will be closed”, or “Final warning” — all red flags.
- Generic greetings
“Dear user,” “Dear applicant,” or “Valued customer” instead of your name.
- Suspicious calls to action
“Click here,” “Download now,” or “Verify your identity.”
🤔 What If It’s a Legitimate Message?
Sometimes a real message may include these patterns, especially if it’s:
- From a friend, small business, or personal account
- Written emotionally or urgently
- Using casual invites (Zoom/Teams) for real reasons
Phish Finder doesn’t decide if it’s a scam. It just helps highlight the risk so you can make a better decision.
Red flags ≠ phishing. They're just reasons to pause.
<