Phishing emails are an attempt to steal your money or identity, by getting you to reveal personal information. For example, credit card numbers, bank information, or passwords. Cybercriminals pretend to be reputable companies such as banks, or other members in the organisation in a fake email which contains either a link or an attachment.

These emails are used to create a false sense of urgency. Most of the time while pretending to be a reputable organisation you will be able to determine whether the emails received are genuine or not, by taking your time reading it and making sure you check things like the domain name, as this will help establish whether the email is a scam and should just be deleted.

How to Recognize a Phishing Email  

Urgent call to action or threats – Be suspicious of emails and teams messages that claim you must click, call, or open an attachment immediately. Often, they’ll claim you have to act now to claim a reward or avoid a penalty. Creating a false sense of urgency is a common trick of phishing attacks and scams. They do that so that you won’t think about it too much or consult with a trusted advisor who may warn you.  

Tip: Whenever you see a message calling for immediate action take a moment, pause, and look carefully at the message. Are you sure it’s real? Slow down and be safe.  

First time, infrequent senders, or senders marked [External] – While it’s not unusual to receive an email or teams message from someone for the first time, especially if they are outside your organisation, this can be a sign of phishing. Slow down and take extra care at these times. When you get an email or a teams message from somebody you don’t recognise, or that Outlook or Teams identifies as a new sender, take a moment to examine it extra carefully using some of the measures below.  

Spelling and bad grammar – Professional companies and organisations usually have an editorial and writing staff to make sure customers get high-quality, professional content. If an email message has obvious spelling or grammatical errors, it might be a scam. These errors are sometimes the result of awkward translation from a foreign language, and sometimes they’re deliberate in an attempt to evade filters that try to block these attacks.  

Generic greetings – An organisation that works with you should know your name and these days it’s easy to personalise an email. If the email starts with a generic “Dear sir or madam” that’s a warning sign that it might not really be your bank or work associate.  

Mismatched email domains – If the email claims to be from a reputable company, like Microsoft or your bank, but the email is being sent from another email domain like Gma1l.com, or microsoftsupport.ru it’s probably a scam. Also be watchful for very subtle misspellings of the legitimate domain name. Like micros0ft.com where the second “o” has been replaced by a 0, or rnicrosoft.com, where the “m” has been replaced by an “r” and a “n”. These are common tricks of scammers.  

Suspicious links or unexpected attachments – If you suspect that an email message, or a message in teams is a scam, don’t open any links or attachments that you see. Instead, hover your mouse over, but don’t click the link. Look at the address that pops up when you hover over the link. Ask yourself if that address matches the link that was typed in the message. In the below example, resting the mouse over the link reveals the real web address in the box with the yellow background. The string of numbers looks nothing like the company’s web address.

Below is an example of a phishing email this has been sent with a message of a high severity to cause panic. The email is also sent from a non Microsoft email address indicating the email is not from Microsoft. The final item showing here that the link once clicked takes you to a non Microsoft website.

What to do if you believe you have a phishing email

When you have determined that the email received is a scam or contains malicious content you should mark the email as junk by right clicking and clicking on the mark as junk option, this will then move this email to the junk email folder and any further emails from this email address. This process will update the email filters to block any further emails.

If you do receive an email that you are unsure of please get in contact with us and we can assist with checking.