Phishing eMails are more and more perfectly camouflaged. While the first phishing eMails still showed clear signs of fraud now it is often very difficult or impossible to detect them. Possible identifying features for phishing are:
The receiver of a phishing eMail should be tempted to divulge personal data. Those are mainly PINs and TANs of onlinebanking accesses but as well access data for other services like mail order companies or online auction houses. They should be entered into a form within the eMail or it is referred to webpage via a link to click on that contains a form to enter the personal data.
eMails asking for PIN and TAN of onlinebanking accesses are always faked. Banks never ask their customers per eMail to transfer PIN or TAN.
Under a mostly urgent pretext the receiver is asked to perform an action as soon as possible.
Often they threaten with something bad or unpleasant to happen, for example the access will be blocked or canceled, in case of failure to follow the instructions.
The greeting in phishing eMails usually is very impersonal for example "Dear customer" or "Dear member".
The first phishing eMails still showed gross misspellings or grammar mistakes. But in the meantime phishers learnt to write almost error-free eMails. But sometimes they still use unusual expressions.
Original access sites for onlinebanking are always transmitted in SSL encrypted form to be recognized in the address line of the browser by the spelling of the URL that starts with "https://". The information on the certificate can be retrieved (for example with MS Internet Explorer by double clicking on the lock at the lower edge of the browser window). If the characteristics of the encryption are missing or the information of the certification does not correspond with the one of the bank the page is faked.
If the phisher suceeded in misleading and his victim sends the requested data instead of the usual answer page of his service provider with the information about the correct data transmission the victim usually receives an error message from which he is referred or to the correct page of the provider or back to a fake page.