A phishing or scam email will encourage the recipient to take some positive action as a consequence of its content, often to click a link, open an attachment, provide information or send money.
When there is any question regarding an email’s origin or integrity, the following checklist will remind you of what to look out for. Much of the following can also be applied to scam text messages (smishing).
Mistakes can indicate that the email originates from outside the UK or that a translation device has been used.
Click the sender email address to reveal who the real sender is. Be vigilant and double-check that the details are consistent with your regular contacts. There might be small changes, such as O replaced by 0 or additional punctuation, and the email suffix might be different, such as .gov.uk becoming .gov.uk.com.
Hover over the link to reveal the true website you will be taken to. Small changes to the website address might make it difficult to determine a fake. If you accidentally click the link don’t panic but report it to your supervisor.
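The sender and link checks above can also be run in a mail filter or triage script. The following is an added example, not part of the original checklist: the trusted domains and sample addresses are constructed, and it assumes that subdomains of a trusted domain are themselves trusted.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed allow-list: domains your regular contacts really use (assumption).
TRUSTED = ("example.gov.uk", "northbank.example")

# Digits often swapped in for look-alike letters, folded back to the letter.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def domain_of(value):
    """Lower-case domain taken from a From header, bare address or URL."""
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return parseaddr(value)[1].rpartition("@")[2].lower()


def skeleton(domain):
    """Fold swapped digits and drop punctuation so near-copies compare equal."""
    return domain.translate(CONFUSABLES).replace("-", "").replace(".", "")


def classify(value, trusted=TRUSTED):
    """Return 'trusted', 'suffix-lookalike', 'character-lookalike',
    'unknown' or 'unparseable' for a sender or link."""
    domain = domain_of(value)
    if not domain:
        return "unparseable"
    # Exact match or a genuine subdomain of a trusted domain.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"
    for t in trusted:
        # Trusted name followed by extra labels, e.g. .gov.uk -> .gov.uk.com
        if "." + t + "." in "." + domain:
            return "suffix-lookalike"
        # Same name once digits and added punctuation are folded away.
        if skeleton(domain) == skeleton(t):
            return "character-lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample senders and links.
    for sample in ('"Tax Office" <refunds@example.gov.uk.com>',
                   "accounts@n0rthbank.example",
                   "https://north-bank.example/invoice",
                   "jane@northbank.example"):
        print(f"{classify(sample):20} {sample}")
```

An "unknown" result only means the domain does not resemble a trusted one; it still needs the other checks in this list.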
Scan attachments with antivirus/anti-malware software. Never open attachments from unknown sources.
Take 5, don’t act on impulse. It is ok to pause and think about what is being asked of you.
Does it follow the usual greeting, structure, tone, etc. that you are familiar with? Is the email from who you would expect?
These can often contain malware or an embedded link, do not click on them.
Low-quality images indicate that the email is not from the company it claims to be from.
Fraudsters might entice you into clicking a link or attachment for a “special offer”. If it looks too good to be true, it probably is!
Fraudsters will tailor their scams to routine procedures (such as monthly invoice payments), but the sender might be inconsistent or the email might not be addressed to you personally.
Likewise, a request can come out of the blue (such as a change of bank details), purporting to be from colleagues or senior management.
- Do not click on links or open attachments that are unexpected
- Phone and speak to a known, reputable contact. Use a previously verified number, not one from the suspicious email
- Get a second opinion from your colleagues and line manager
- Report internally to your line manager
Visit the Action Fraud website for further advice: https://www.actionfraud.police.uk/