Skip to content
Close

Quality Advice Quality Service

Show / hide the search form Menu

Home News & Events Top Tips to Avoid Phishing Scams

Top Tips to Avoid Phishing Scams

Did you know that in 2019, 32% of businesses and 22% of charities have identified cyber security breaches or attacks.

Among these organisations, the most common attacks are:

  • phishing emails (80% of businesses and 81% of charities experiencing breaches or attacks)
  • others impersonating their organisation online (28% and 20%)
  • viruses or other malware, including ransomware (27% and 18%)¹.

Below you will find some easy tips on how to spot phishing emails.  You may also want to read our article on managing your online passwords and how you should use them to keep your information as secure as possible and avoid scams and theft.

To put it simply, phishing scams are there to con you or your business. As the statistics above indicate many of these scams happen online. They are set up by computer hackers who send deceptive emails or set up fake websites.

Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox – cybercriminals are constantly thinking of ways to overcome newly developed security. That’s where end user education comes in. In fact, in the case of more than half (57%) of businesses who had suffered a recent breach, the incident had first been spotted by staff rather than by software². So it pays to educate your staff.

Here are nine simple tips to help identify spoofing or phishing emails.

Tip 1 – Don’t trust the display name
Many email inboxes only show the display name of an email. A tactic used by cybercriminals is to closely replicate the display name of an email. For example, berwick@gwayre.co.org – the GWA correct address is berwick@gwayre.co.uk.  Double check the email address in the “from field”, if it looks suspicious, don’t open the email.
Tip 2 – Who is it addressed to
If the email is addressed to “Valued Customer” or another generic title, be on guard. Legitimate businesses will often use a personal salutation with your first and last name.
Tip 3 – Beware of urgent or pressuring language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorised login attempt.”
Tip 4 – Watch out for spelling mistakes
Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully. Many phishing emails may also use United States English rather than UK English.
Tip 5 – Look but don’t click
If there are any links embedded in the email hover your mouse over these. This should display the full link address – if this looks odd or different to that shown in the email do not click on it.
Tip 6 – Do not provide sensitive or personal information
Legitimate banks and most other organisations will never ask for sensitive account information such as passwords or credit card details via email.
Tip 7 – Do not click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Failed delivery notices or unpaid invoices are common attachments that include malware. Do not open any email attachments you weren’t expecting.
Tip 8 – Check the sender’s contact details
Lack of details about the sender or how you can contact a company could suggest a phishing email. Legitimate businesses always provide contact details.
Tip 9 – Be a sceptic
Just because an email has realistic logos, language and a seemingly valid email address does not mean that it is legitimate. When it comes to your email messages be a sceptic. If it looks even remotely suspicious, don’t open it.

If you are compromised The National Cyber Security Centre has developed a guide that helps
organisations prepare their response to and plan their recovery from a cyber incident.

If you are ever unsure about an email or would like to discuss how you can be better prepared in relation to cyber security, please feel free to contact GWA Computer Services on 01289 306688 or ithelpdesk@gwayre.co.uk.
¹ Cyber Security Breaches Survey 2019
² Action Fraud News – 23 March 2019

Back to News and Events

News and Events

Blog

10 April 2024

Global Market Commentary – April 2024

At the end of 2023, investors expected the US and UK central banks to reduce interest rates by 1.50 -1.75 percentage points in 2024.1 A fortnight after the spring equinox, those expectations have reduced to only 0.25 - 0.75 percentage points2 and some are now questioning whether we will see any rate cuts at all.

Read Post

News

25 March 2024

GWA Community News and Staff News

As we look forward to Spring and the lighter, brighter days ahead, we round up what has been a busy few months as we came to the end of 2023 and welcomed the New Year. Our support of local causes, initiatives and hosting of our own events has been as busy as ever…

Read Post

News

25 March 2024

GWA Events – Rural Seminars and Bank of England Business Update

Rural Seminars – We held two successful rural seminars in late Autumn 2023, one in Haddington, East Lothian…

Read Post

News

25 March 2024

Three Counties announces new Director promotion

We are pleased to announce that Richard Kirkham has become a Director of Three Counties Ltd and GWA Asset Management
Ltd on 6 February 2024.

Read Post