What’s the difference between spam and phishing?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

You've probably deleted hundreds of spam emails without a second thought. But have you ever stopped to wonder if that "special offer" from an unknown sender was just annoying, or actually dangerous? That's exactly where the line between spam and phishing matters.

Spam is unsolicited bulk email. Someone got your address (or bought a list, or guessed at it) and sent you something you never asked for. Think discount codes from a store you've never heard of, weight-loss supplement ads, or cold outreach from a marketing agency halfway across the world. It's a nuisance. It clogs your inbox and wastes your time, but it's not typically trying to hurt you.

Phishing is a different animal. It's deceptive email designed to trick you into handing over something valuable. That might be your password, your credit card number, or access to your company's systems. Phishing emails impersonate people or organizations you trust, and they create urgency to make you act before you think.

Here's what each looks like in the wild:

Spam example: An email from deals@best-prices-online.net with the subject line "80% OFF today only!!" promoting a product you've never searched for. It links to a sketchy storefront. Annoying? Yes. Trying to steal your login? Probably not.

Phishing example: An email that looks like it's from your bank, using the bank's logo and colors, asking you to "verify your account" because of "suspicious activity." The link goes to a fake site designed to capture your credentials. The sender might be security@yourbank-support-alert.com (not your bank's actual domain). That's phishing.

The clearest way to remember the difference is this: spam wants your eyeballs, phishing wants your data (or your money, or your access).

Still one important note: some emails are both. A phishing campaign sent to millions of people at once is technically spam too. And some spam can carry real risks, like malware hidden in attachments or links to malicious sites. So "spam" doesn't automatically mean "harmless." It just means unwanted and bulk.

Warning signs that separate phishing from regular spam:

  • The sender domain doesn't match the organization it claims to be from
  • There's urgency language like "act now", "your account will be suspended", "verify immediately"
  • You're asked to click a link and enter a password or payment details
  • The greeting is generic ("Dear Customer") rather than your actual name
  • Hovering over the link shows a URL that has nothing to do with the sender's claimed identity

If you're curious how mailbox providers actually detect and block these threats, the answer gets into how mailbox providers detect malicious messages. And if you want to understand how domain authentication fits into stopping phishing, protecting your domain from spoofing is a good next read.

Not sure if a suspicious email in your inbox is spam or something worse? Drop it into our Email Header Analyzer and it'll show you what's actually going on under the hood.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Paste your email details above and get a quick read on whether it's spam, phishing, or just annoying.

I've received an email and I'm not sure if it's just spam or something more dangerous. Based on what I describe, can you tell me whether it looks like spam or a phishing attempt, and what the red flags are? Here's what the email looks like: - Sender name and address: paste here - Subject line: paste here - What it's asking me to do: describe the action or link - Any urgency language or threats: describe - Organization it claims to be from: name Please rank the red flags from most to least serious, tell me if this is likely spam or phishing, and suggest what I should do next.

Edit the yellow boxes, then send to the AI of your choice.