The best way to prevent phishing attacks is to recognise the differences between a fake email and the real deal. Phishing scammers will try to reel you in by creating emails that look authentic and appear to come from a sender you trust, but there are always tell-tale signs to be spotted.
Despite what it might sound like, no fishing rods or angling gear are involved in the types of phishing that happen over the internet or phone.
Phishing is a form of cybercrime where scammers send fraudulent messages with the aim of deceiving people. This could mean tricking you into sharing personal information that can be exploited or persuading you to download a malicious file that compromises the security of your IT systems.
Phishing scammers can target you through a variety of channels, but the most common types of phishing occur via emails, texts and phone calls.
So you’ve received an email and something feels off, but you still aren’t sure whether it’s real or a scam. What then? You can head to your internet browser, open your bookmarks or favourites and come back to this article to refer to our handy checklist below.
Phishing emails can be easy to detect, provided you know what to look for. Here are eight red flags that indicate your email is a scam:
We have all been guilty of overlooking a typo when sending an email. However, several typos combined with poor grammar and spelling are key indicators that your email is in fact a phishing scam. It’s also important to consider tone of voice – does it seem professional? Does the vocabulary used match the level of formality you would expect from the message?
Phishing scammers always want you to ‘act now’ or ‘reply immediately’ because they don’t want to allow you the time to properly review the email and question its legitimacy. This false sense of urgency is one of the reasons why phishing is so effective. No matter how urgent the request may seem, you should always take the time to check for signs of a phishing scam.
Remember when you were a child and your mum would tell you ‘look, don’t touch’? Well, the same principle applies here. When it comes to email links ‘look, don’t click’ – at least until you’re certain the link is safe. Phishing emails will often link to malware sites, which can infect your IT systems and result in a data breach.
Does the URL for the link you’re about to click on look legitimate? If the URL is unrelated to the website referenced in the email or contains random number and letter combinations, it’s likely to be a scam. You can view a link’s URL without clicking on it by hovering your mouse over the link.
You should also double-check the sender’s email address – again, a mishmash of letters is a sure sign of phishing, but even recognisable domains can be cause for suspicion. You might be used to seeing ‘gmail.com’ and ‘hotmail.com’ in your inbox, but reputable organisations (like your bank) will only use private company domains to send their emails.
Context is important. A generic greeting like ‘dear sir’ might not be an immediate cause for concern – unless the email is from your sister. Likewise, if an email from the CEO of your company starts with ‘hello friend’, it has probably been sent by a spammer. If the greeting seems at odds with the sender, don’t trust the email.
You should be extremely careful with sharing your personal information online. We would hope that in 2022 every internet user knows that sharing their bank details on a webpage they have just opened is a bad move, but many people remain oblivious to the dangers of sharing other sensitive information, like their name, date of birth, address and phone number. Sharing this type of information might seem harmless but it can all be used by scammers to steal your identity and commit acts of theft.
Never open an email attachment unless you are 100% certain you trust the sender and you know exactly what’s attached. A malicious attachment could be disastrous for your IT systems. As with suspicious links, you can hover your mouse over the attachment to view the file name without opening it. Always check the file extension (e.g. ‘.docx’ or ‘.png’) at the very end of the file name – scammers will often use long file names to hide unfamiliar file extensions that could arouse suspicion.
If it seems too good to be true, it probably is. Trust your gut. As nice as it would be to live in a world where you win £100,000 in a competition you never even entered, that’s not how life (or competitions) works. Emails from your employer telling you that you’ve been promoted or will receive a salary increase are also likely to be scams – although it might be worth double-checking with your manager before you ignore and delete those!
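Three of the checks above (where a link really goes, which domain the sender used, and what the last file extension is) can be run mechanically in a mail triage script. The sketch below is an added example, not part of the original article: `red_flags`, its `org_domain` parameter (the domain the message claims to come from), the `DOC_EXT` list and every name and domain in `sample()` are assumptions made up for the demonstration.

```python
import os
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

DOC_EXT = {".pdf", ".docx", ".png", ".jpg"}  # assumed list of "familiar" file types

class Links(HTMLParser):  # collects (visible text, href) for every <a> element
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.text.strip(), self.href))
            self.href = None

def host(url):
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()

def red_flags(msg, org_domain):  # msg claims to come from org_domain (hypothetical)
    flags = []
    sender = parseaddr(msg["From"] or "")[1].rpartition("@")[2].lower()
    if sender != org_domain and not sender.endswith("." + org_domain):
        flags.append(f"sender domain {sender} is not {org_domain}")
    for part in msg.walk():
        # The real file type is the LAST extension, however long the name is.
        stem, ext = os.path.splitext((part.get_filename() or "").lower())
        if os.path.splitext(stem)[1] in DOC_EXT and ext not in DOC_EXT:
            flags.append(f"attachment {stem + ext} really ends in {ext}")
        if part.get_content_type() == "text/html":
            parser = Links()
            parser.feed(part.get_content())
            for text, href in parser.found:  # what you read vs. where it goes
                if "." in text and " " not in text and host(text) != host(href):
                    flags.append(f"link shows {host(text)} but opens {host(href)}")
    return flags

def sample():  # constructed message; every name and domain here is made up
    m = EmailMessage()
    m["From"] = "Example Bank <security.team8841@gmail.com>"
    m.set_content('<a href="http://x7k2q.example.net/">examplebank.example</a>', subtype="html")
    m.add_attachment(b"MZ", maintype="application", subtype="octet-stream",
                     filename="invoice_2022_final.pdf.exe")
    return m
```

Calling `red_flags(sample(), "examplebank.example")` returns one finding per check; link text that is ordinary wording such as "Click here" is not compared, so the hover check still applies to those links.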
If you’re wondering who to report phishing emails to, full details of the reporting process can be found on the government website.
Rather conveniently, you can also report phishing directly in Outlook without even opening the email. Go to your inbox and select the message you wish to report, then select the ‘Junk’ button above the reading pane, followed by ‘Phishing’ and ‘Report’. Reporting a phishing email will not automatically block the sender, so remember to do that afterwards to avoid receiving future scams from the same source.
If you would like more advice and guidance on how to keep yourself and your business safe online, contact us today to speak to one of our friendly cyber security experts. We offer a range of cyber security services to cover all your online safety needs.