Spotting Scam Mails from seemingly legit services

For ProtonMail users there is a simple way to avoid this. The service warns you in every e-mail, if the sender raises suspicion, because of using not properly set up domains:

Do your e-mail service providers have similar features?

If not, you should always be suspicious of anyone trying to let you download or click on anything, especially if such e-mail comes out of nothing, because you did not expect it.