
Top Tips to Avoid Phishing Scams

Did you know that in 2019, 32% of businesses and 22% of charities identified cyber security breaches or attacks?

Among these organisations, the most common attacks are:

  • phishing emails (80% of businesses and 81% of charities experiencing breaches or attacks)
  • others impersonating their organisation online (28% and 20%)
  • viruses or other malware, including ransomware (27% and 18%)¹.

Below you will find some easy tips on how to spot phishing emails.  You may also want to read our article on managing your online passwords and how you should use them to keep your information as secure as possible and avoid scams and theft.

To put it simply, phishing scams are there to con you or your business. As the statistics above indicate, many of these scams happen online. They are set up by computer hackers who send deceptive emails or set up fake websites.

Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox – cybercriminals are constantly thinking of ways to overcome newly developed security. That’s where end user education comes in. In fact, in the case of more than half (57%) of businesses who had suffered a recent breach, the incident had first been spotted by staff rather than by software². So it pays to educate your staff.

Here are nine simple tips to help identify spoofing or phishing emails.

Tip 1 – Don’t trust the display name
Many email inboxes only show the display name of the sender. A tactic used by cybercriminals is to closely imitate a display name or address you already trust. For example, berwick@gwayre.co.org looks right, but the correct GWA address is berwick@gwayre.co.uk. Double-check the email address in the “From” field; if it looks suspicious, don’t open the email.
Tip 2 – Who is it addressed to?
If the email is addressed to “Valued Customer” or another generic title, be on guard. Legitimate businesses will often use a personal salutation with your first and last name.
Tip 3 – Beware of urgent or pressuring language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorised login attempt.”
Tip 4 – Watch out for spelling mistakes
Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully. Many phishing emails may also use United States English rather than UK English.
Tip 5 – Look but don’t click
If there are any links embedded in the email, hover your mouse over them. This should display the full link address. If it looks odd or differs from the address shown in the email, do not click on it.
Tip 6 – Do not provide sensitive or personal information
Legitimate banks and most other organisations will never ask for sensitive account information such as passwords or credit card details via email.
Tip 7 – Do not click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Failed delivery notices or unpaid invoices are common attachments that include malware. Do not open any email attachments you weren’t expecting.
Tip 8 – Check the sender’s contact details
Lack of details about the sender or how you can contact a company could suggest a phishing email. Legitimate businesses always provide contact details.
Tip 9 – Be a sceptic
Just because an email has realistic logos, language and a seemingly valid email address does not mean that it is legitimate. When it comes to your email messages be a sceptic. If it looks even remotely suspicious, don’t open it.
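
The checks in Tip 1 and Tip 5 can also be automated by a mail administrator. The following Python is an added example, not part of the original article or any GWA tool; the trusted-domain list, the 0.75 similarity threshold and both sample messages are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser

TRUSTED_DOMAINS = {"gwayre.co.uk"}  # assumption: domains you normally receive mail from

class LinkCollector(HTMLParser):
    """Collect (visible text, real href) per <a> tag: what hovering reveals (Tip 5)."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(url):  # host part of a URL-like string, lower-cased
    m = re.match(r"(?:https?://)?([^/\s:?#]+)", url.strip(), re.I)
    return m.group(1).lower() if m else ""

def check_email(raw):
    """Return Tip 1 and Tip 5 findings for a raw single-part HTML message."""
    msg, findings = message_from_string(raw), []
    _display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    for good in TRUSTED_DOMAINS:  # Tip 1: a near miss of a trusted domain
        if domain != good and SequenceMatcher(None, domain, good).ratio() >= 0.75:
            findings.append(f"Tip 1: sender domain {domain} imitates {good}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for text, href in collector.links:  # Tip 5: shown address differs from real target
        if re.match(r"(https?://|www\.)", text, re.I) and host_of(text) != host_of(href):
            findings.append(f"Tip 5: link shows {host_of(text)} but opens {host_of(href)}")
    return findings

# Constructed sample messages (not real emails).
SUSPICIOUS = ('From: "GWA" <berwick@gwayre.co.org>\nContent-Type: text/html\n\n'
              '<p>Log in: <a href="http://login.example.net/r">https://www.gwayre.co.uk/login</a></p>')
CLEAN = ('From: "GWA" <berwick@gwayre.co.uk>\nContent-Type: text/html\n\n'
         '<p>News: <a href="https://www.gwayre.co.uk/news">https://www.gwayre.co.uk/news</a></p>')
```

Calling check_email(SUSPICIOUS) reports both the lookalike sender domain and the mismatched link, while check_email(CLEAN) reports nothing.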

If you are compromised, the National Cyber Security Centre has developed a guide that helps organisations prepare their response to and plan their recovery from a cyber incident.

If you are ever unsure about an email or would like to discuss how you can be better prepared in relation to cyber security, please feel free to contact GWA Computer Services on 01289 306688 or ithelpdesk@gwayre.co.uk.
¹ Cyber Security Breaches Survey 2019
² Action Fraud News – 23 March 2019
