Tips to Identify Phishing Emails

Introduction

Email is one of the most common ways scammers try to trick people into sharing sensitive information or opening malicious files — and billing emails are a favorite target. This guide covers what genuine Oddr emails look like, the general signs of a phishing attempt, and what to do if you're unsure.

What genuine Oddr emails always look like

Start here — these are the most reliable checks for Oddr invoice emails:

  • Sender: your law firm's own email domain.
  • Links: even though the email comes from your firm, every link points to an oddr.com address (for example, client.oddr.com). Hover to confirm before clicking.
  • Delivery: invoices come as a secure link, not as an attachment. Be cautious of any "Oddr invoice" that arrives as a file to open.
  • Personalization: real Oddr emails include your name, the client and matter name, and the invoice number where applicable. A generic "Dear Customer" greeting is a red flag — though personalized details alone don't prove an email is genuine.
  • Verification codes: when you open a document or sign in, Oddr may email you a one-time code if the access looks unusual. This is expected. Oddr and your law firm will never call or email asking you to read back or reply with that code — only enter it on the Oddr screen.

General signs of a phishing email

- Check the sender's address closely

Scammers use addresses that resemble real ones with small misspellings or extra characters. Inspect the full domain, not just the display name.

- Watch for spelling and grammar errors

Awkward phrasing and typos are common in phishing emails. Established organizations proofread their communications.

- Be wary of urgent or threatening language

Phishing relies on pressure — "act now or your account will be suspended." Slow down and verify through a channel you trust.

- Hover over links before clicking

The visible text and the real destination can differ. Confirm the URL resolves to the expected oddr.com address.

- Never share sensitive information by email

Legitimate organizations won't ask for passwords or Social Security numbers over email. If you need to share something sensitive, contact your law firm through a known phone number or website.

- Treat unexpected attachments with caution

Attachments can carry malware. Since Oddr delivers invoices by secure link rather than attachment, an unexpected "invoice" file is a reason to pause and verify.

What to do if you're unsure

Don't click links or open attachments in a suspicious email. Forward it to support@oddr.com and let your law firm know. Verifying first is always safer than acting fast.


Learn how Oddr enhances data security against phishing and unauthorized access